Cybersecurity Operations Analyst
Anduril is a defense technology company, bringing Silicon Valley talent and funding to the defense sector. Our technology helps our customers solve their toughest challenges by enabling them to make better, more informed decisions in life-and-death situations. We’ve assembled a diverse team of experts in artificial intelligence, computer vision, sensor fusion, optics, and data analysis that are creating software and hardware solutions to radically evolve the capabilities of the United States and our allies.
This is an early-stage security operations analyst role that will sit on the front lines of Anduril’s Computer Security Incident Response Team (CSIRT). You will have the latitude to craft sophisticated attack detections, investigate intrusions, and architect our network security defenses against technologically capable adversaries and cyber crime.
This is an opportunity to get security right from the beginning at one of the fastest growing tech startups in the world.
If that sounds compelling to you, let’s talk.
Responsibilities
- Triages and investigates potential computer security incidents.
- Analyzes security logs from a variety of sources, including corporate, cloud, and operational networks.
- Proactively hunts for threats across Anduril’s environment.
- Researches emerging attacker tradecraft and engineers robust monitoring and detection logic to mitigate it.
Requirements
- Background in security operations, incident response, intrusion detection, or forensics.
- Knowledge of modern attacker tradecraft and techniques as outlined in MITRE ATT&CK.
- Knowledge of Windows, Mac, and Linux operating system internals and logging mechanisms.
- Knowledge of event monitoring tools like Splunk or other SIEMs.
- Familiarity with disparate environments including cloud systems and endpoints.
- 2+ years of experience as a security operations analyst or incident handler.
- Participation in real-world incidents involving intrusion detection, response, and remediation.
Preferred Qualifications
- Familiarity with embedded / IoT systems
- Familiarity with Zero Trust / BeyondCorp principles
- Knowledge of scripting languages like Python and PowerShell
- Secret or TS/SCI clearance (or willingness to be cleared)
U.S. Person status is required as this position needs to access export-controlled data. If you are passionate about solving problems that have real impact, come join Anduril and build the future of defense.