Security Analyst

Engineering · Full-time · Halifax, Canada · Remote possible

Job description

The Company

Simply put, SpryPoint provides Smart Solutions for Smart Utilities.

Founded in 2011, SpryPoint is a leading provider of cloud-based solutions for the utility sector. Our team of experts has extensive experience serving utilities across North America, and we are dedicated to helping our clients improve their operations and better serve their customers. Our solutions include advanced billing and customer relationship management tools, as well as powerful analytics and data management capabilities. We are proud to have been recognized by industry experts and our clients alike for the value and innovation we bring to the market. 

In February of 2023, SpryPoint received a strategic investment from Norwest, a leading venture and growth equity investment firm. With this investment, SpryPoint will build on its significant business momentum over the past three years, expanding its team and positioning the company to continue increasing market share of its mission-critical, cloud-native solutions for smart utilities.

Position Overview

At SpryPoint, our Security Team boosts cyber resilience by finding and fixing potential vulnerabilities through attack simulations. This role works closely with IT, DevOps, and Development teams to identify and strengthen detection gaps and control weaknesses, enhancing our cyber defense.

We're looking for someone eager to learn and great at problem-solving. If you know what links DEADBEEF to the cDc, and know “Free Kevin” is not a Home Alone movie, you may be the person we need. If you are ready to hit the ground running, this role is perfect for you.

Responsibilities

  • Quickly understand and use SpryPoint’s SOC technologies, including a Security Information and Event Management (SIEM) platform, Intrusion Detection System (IDS), Endpoint Detection & Response (EDR) solution, and insider threat tools.
  • Be the go-to expert on intrusion detection and incident response (IR).
  • Respond to security events and threats, managing the incident response process from start to finish.
  • Lead complex investigations and analyze security events across various platforms, focusing on quick containment and remediation.
  • Perform Threat Hunting activities when not involved in IR tasks.
  • Research, simulate, and run penetration tests using open source tools.
  • Lead security projects and activities with other teams as needed.
  • Work closely with IT to improve monitoring, detection, tools, and integrations.
  • Keep up with industry cybersecurity attacks and vulnerabilities, and proactively address potential risks (e.g., SolarWinds, Log4j).
  • Provide high-quality written and verbal reports as needed.

Qualifications and Competencies

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a similar field preferred. In lieu of education requirements, relevant industry experience will be considered.
  • 5+ years of Security Operations Center (SOC) and Incident Response (IR) experience.
  • Understanding of threat analysis models like the MITRE ATT&CK Framework and the Cyber Kill Chain.
  • Familiarity with OWASP ZAP, Burp Suite, Metasploit, OpenVAS, Nmap, or similar tooling.
  • Experience with Linux and macOS operating systems and threats that target them.
  • Cloud security experience – AWS preferred.
  • Python and Terraform/OpenTofu are nice to have.
  • Demonstrated curiosity and a strong desire to continually learn.
  • Ability to work independently, solve problems effectively, and hit the ground running.
