Job Description

Company Description

Arista Networks is an industry leader in data-driven, client to cloud networking for large data centre, campus and routing environments. Arista's award-winning platforms deliver availability, agility, automation, analytics and security through CloudVision and Arista EOS, an advanced network operating system.



Awake's mission is to protect companies from advanced cyber-attacks and to help their security teams operate with super-human efficiency. Our approach is simply different than what is available today, and we aim to create a world-class, diverse and enduring capability to help protect the information assets that enrich our world.

Our team is composed of customer focused professionals with best in class industry experience. Our team of extremely talented and friendly individuals is looking for new members who are passionate, motivated, and most of all enjoy working closely with customers to ensure their success.

Responsibilities

Support Awake Labs Managed Network Detection and Response (MNDR) solution

Work a scheduled shift in a 24x7 remote Security Operation Center (SOC) environment

Conduct threat hunting and investigations using Awake's network traffic analysis platform

Investigate, document, and report on information security issues and emerging trends

Coordinate with other internal Awake Labs analysts or internal departments on activities impacting a diverse customer base

Conduct network log and network PCAP analysis, malware triage; and other investigation related activities in support of Incident Response investigations

Assist Awake's clients by advising on and helping to implement incident remediation plans

Develop code scripts and tools to automate the analysis of forensic artifacts and other MNDR solutions

Evolve existing Awake Labs methodologies to enhance and improve our DFIR practice

Assist with client onboarding and monthly reporting calls.

Provide training, present to small groups, write blogs, and speak at conferences such as Blackhat and BSides

Write executive and technical reports for client engagements

Requirements

3 or more years of Managed SOC experience using network traffic or monitoring technology

2 or more years of Managed SOC experience on either network or Endpoint Detection and Response (EDR) technology

Have the personality of someone who likes to dive into a PCAP, look at the raw hex, and also jump into the protocol RFC/specification document(s) to better understand it

Ability to parse and read PCAP data using Wireshark or other tools as well as being able to read text-based network logs to identify malicious activity

Ability to read blogs, conduct research, and convert threat intelligence into detection models

Understanding of a wide range of network protocols and how they function at their lowest levels

Proficient with network-based hunting and analysis

Ability to code scripts in Python, Go, and/or Powershell

Familiar with Splunk, ELK, and or other SIEM tools

network traffic with endpoint artifacts with customer environments

Ability to prioritize and complete multiple tasks with little to no supervision

Ability to work independently or as part of a collaborative team effort

Other Desired Benefits

Experience with Awake's network traffic analysis platform

Excellent customer-facing skills

Ability to perform tabletop incident response exercises

Strong understanding of network security concepts

Cloud (AWS, Azure, GCP, and O365) DFIR experience

Advanced Python, Go, C#/.NET and/or Powershell

Familiar with interacting and/or writing APIs

CREST Certified in incident response