Senior Security Operations Analyst

Coalition is the leading provider of cyber insurance and security, combining comprehensive insurance and proactive cybersecurity tools to help organizations be resilient to cyber attacks. Cyber losses cost the global economy upwards of $1.5 trillion each year, and yet the majority of businesses are under-insured and under-prepared to manage and mitigate the risks of an increasingly digital world. Coalition is addressing this gap by providing no-cost cybersecurity tools to prevent losses, security and incident response services to contain them, and comprehensive insurance to help organizations recover from failures and breaches. We serve over 42,000 customers, ranging from small and midsize businesses to Fortune 500 companies.

Founded in 2017, Coalition has raised $300M from leading global technology investors, including Index Ventures, General Atlantic, Ribbit Capital, Vy Capital, Hillhouse Capital, and Valor Equity Partners, among others. Headquartered in San Francisco, Coalition's team is global with employees based across the United States, Canada, the United Kingdom, Switzerland, and Portugal.

About the Role

We are looking for a Senior Security Operations Analyst (remote) to augment and expand our internal security program at Coalition. This role will serve as a full-spectrum security operations analyst providing analysis and triage across systems, internal incident response services, and design/buildout of new security programs. The role will report to the Director of Security & Infrastructure under the Engineering department and partner with the IT, Security Engineering, and Platform Engineering teams.

Responsibilities

• Providing expert experience building information security programs to include hands-on implementation and/or assessment of security controls.
• Evaluation, testing, implementation, and operation of endpoint and network-based security tools.
• Providing expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence.
• Assisting with developing information security plans and policies, performing regular audits of internal security controls, and refining internal incident response procedures.
• Monitoring logs, behavioral data, and other data sources to hunt for indicators of compromise across the organization.
• Managing compliance initiatives including scheduling, ticketing of deliverables and remediations, and tracking cross-functional dependencies.
• Staying abreast of the current regulatory environment, industry trends and related implications.

Requirements

• Minimum of 5 years of security analysis or security operations experience; Bachelor's degree in a technical discipline (or equivalent work experience).
• Demonstrated expert understanding of the life cycle of network threats, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures.
• Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
• Knowledge of TCP/IP Protocols, network analysis and network/security applications, including log and network traffic capture analysis.
• Expertise with security information and event management (SIEM) systems and SIEM rule writing. Knowledge and operational use of major cloud technologies.
• Incorporates Cyber Threat Intelligence and Cyber Security Awareness concepts into programs as necessary to address risk from internal and external threats.
• Ability to communicate effectively to both technical and non-technical audiences; can articulate security risk and mitigating controls to management.

Bonus

• Knowledge of tiered operational support involving all aspects of the monitoring, response and triage of cybersecurity events.
• Experience with SOAR platforms (Demisto, Phantom, etc.).
• Knowledge of industry standard frameworks and compliance – NIST, ISO, PCI, SOC, GDPR, etc.
• Experience with MITRE ATT&CK framework, and ability to adapt these adversary techniques, tactics, and procedures to IDS and SIEM rules.
• Experience with vulnerability scanning and management tooling, such as Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, or other offensive tools.
• Knowledge of programming and scripting for development of security tools and industry frameworks is helpful.

Why Coalition?

Our goal is to harness the power of technology with the safety of insurance, to provide the first holistic solution to cyber risk. Coalition's culture is one that strongly values humility, authenticity, and diversity. We want to work with people of different backgrounds and different paths in life, and we trust our team members to take responsibility, share ownership and work for one another. We are always looking for collaborative, inquisitive and dedicated individuals to join our team.

Recent press releases:

https://news.crunchbase.com/news/coalition-raises-175m-at-a-1-75b-valuat...

https://www.insurtechinsights.com/cyber-insurance-startup-coalition-rais...

https://www.insurancebusinessmag.com/us/news/cyber/coalition-raises-175-...

Coalition is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.