Founded by mathematicians and cyber defense experts in 2013, Darktrace is a global leader in cyber security AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption. We protect more than 8,400 customers from the world’s most complex threats, including ransomware, cloud, and SaaS attacks.
Our roots lie deep in innovation. The Darktrace AI Research Centre based in Cambridge, UK, has conducted research establishing new thresholds in cyber security, with technology innovations backed by over 130 patents and pending applications. The company’s European R&D center is located in The Hague, Netherlands.
Headquartered in Cambridge, UK, Darktrace has more than 2,400 employees located globally. Customers include public sector agencies, education institutions, media, organizations supplying critical infrastructure, and businesses of all sizes worldwide.
This is an excellent opportunity to join a fast-growing company, named one of TIME magazine’s
“Most Influential Companies” for 2021 and one of Fast Company’s
“Most Innovative AI Companies” in 2022. For more information on our cutting-edge technology, visit darktrace.com.
As Senior SOC Analyst, you will be a founding member of the internal security team within our U.S. federal business unit. Your day-to-day responsibilities will include triaging and investigating security alerts, proactive threat hunting, responding to incidents, building detections, and documenting procedures and playbooks. You will work closely with the federal DevOps, IT, security engineering, and executive leaderships teams to ensure that we maintain the highest security standards as required by our FEDRAMP certification.Key Duties & Responsibilities:
Qualifications & Experience:
- Usage of the Darktrace suite of products, as well as FEDRAMP approved EDR/NDR/XDR, vulnerability scanning, and SIEM security tooling.
- You will be expected to cover SOC duties during normal US working hours in your time zone, in addition to participating in a rotating 24/7 on-call schedule.
- Given the start-up nature of the federal business unit, this is a fast-paced role, and you will need to make sure you're an organized, pro-active team player who is comfortable wearing multiple hats. We’re specifically looking for someone who is intellectually curious, humble, and capable of devising solutions to unique problems that may arise. As a company that prides itself on our reactive capabilities, we are looking for someone who can work independently with little or no supervision.
- Minimum 5+ years total experience and four-year university degree, or equivalent military experience.
- Prior experience as a tier 2 or 3 SOC analyst or as an incident responder, preferably in a regulated or high security environment for a fortune 500 or government agency.
- Understanding of DevOps and DevSecOps best practices gained from experience working in or responding to incidents in cloud environments.
- Minimum 5+ years hands on experience using industry leading security tools such as Microsoft Defender, Trend-Micro, Splunk Enterprise, Nessus, or Burp-Suite to analyze data and respond to security incidents.
- Understanding of network, cloud, and endpoint forensics, email analysis, incident response process, and Zero-Trust principals,
- Exposure to threat intelligence principals and experience building custom detections to cover identified gaps.
- Professional certifications, such as CISSP, GIAC, CEH, or other relevant vendor training courses or certifications.
- Willingness to support a 24/7 on-call rotation for security alerts and incidents.
- US Citizenship is required, and the candidate must be able to obtain a security clearance
- Excellent communication, collaboration, documentation, and presentation skills.
- Must be intellectually curious with a demonstrated ability to work independently.
- 100% medical, dental and vision insurance, plus dependents
- Paid parental leave
- Pet insurance
- Life insurance
- Commuter benefits
- Employee Assistance Program