Security Analyst

Ideal location: Boston, MA or Louisville, CO 

ThreatX is looking for a Security Analyst to join our Security Operations Center team. This role is critical to our commitment to provide 24/7 real-time cybersecurity monitoring and incident response for our clients and internal stakeholders. As a ThreatX Security Analyst, your vigilance ensures the ongoing integrity of web applications and APIs, safeguarding them against emerging threats and vulnerabilities.

This role is pivotal in maintaining the optimal functionality of our proprietary Web Application Firewall (WAF). By collaborating with senior team members, you will test, validate, and implement new rule sets designed to proactively mitigate risks. Your foundational understanding of cloud computing and containerized technologies will be instrumental in these tasks.

The nature of this role demands keen attention to detail, especially given our round-the-clock operational environment. You’ll be responsible for behavioral analysis, threat hunting, and rapid incident response to ensure the continuous security of our clients’ assets. Your ability to automate routine tasks will contribute to the operational efficiency of our 24/7 SOC, allowing you and the team to focus on strategic security objectives.

• Linux Mastery: Proficiency in Linux-based systems is essential. You should be adept at using CLI to automate security tasks and equally comfortable explaining these procedures to a non-technical audience. GUI familiarity is a plus.
• Firewall Expertise: A deep-rooted understanding of firewall security applications, specifically TCP/IP protocols and HTTP/HTTPS headers, is required. You should also be skilled in web application protocols like websockets and capable of demystifying complex settings and rules.
• Scripting Prowess: Hands-on experience with scripting languages like Python, Bash, and JavaScript is important. Familiarity with AWS, cloud hosting, virtualization, and container technologies is highly beneficial.
• Communication Skills: Exceptional written and verbal communication is key. You should be able to translate technical jargon into layman’s terms effortlessly.
• Self-Starter Attitude: We’re looking for highly motivated individuals who thrive in a fast-paced, collaborative environment.
• Investigative Mindset: A strong desire to dig deep into issues, with an eye toward not just resolving them, but also automating processes for future data gathering and task management.
• DNS Savvy: Comprehensive understanding of DNS records, particularly NS, A, CNAME, and some forms of TXT records, is necessary.
• Certificate Know-How: A basic grasp of certificates, public/private key pairs, and encryption methods used by SSL/TLS is essential. Experience with OpenSSL is a bonus!
• Server Familiarity: Experience with headless web servers and reverse proxies is a plus, particularly if you have experience with nginx.
• Web Security Acumen: Familiarity with common web attacks and application vulnerabilities is crucial for this role, as you’ll be actively involved in identifying and mitigating potential threats.
• Availability: Willingness to work in a 24/7 operational environment, reflecting our commitment to providing continuous security monitoring to our clients.

Occasional travel will be required.