Job Description

Why it’s worth it:

At ReliaQuest, we do things differently. We do not limit your professional growth with outdated

job titles and responsibilities. Why be just a “Security Analyst”, “Detection Developer”

, or “Security Engineer” when you can be all three? As a GreyMatter Specialist, you will do all of

that and more. This role is uniquely designed to combine skills of threat detection, engineering,

and incident response. On our team, we give you the opportunity to make an impact starting

from day one.

In this role, you’ll develop a diverse skill set which normally takes years to learn—all within your

first year. Our industry-leading security operations platform, GreyMatter and immersive training

will afford you the tools, experience, and opportunities to grow your career. Whether you’re

conducting advanced investigations, troubleshooting technical challenges or providing customer

recommendations, you’ll be solving real-world challenges and driving impact daily for our

enterprise customers.

As part of the ReliaQuest team, you will receive mentorship and hands-on experiences while

working alongside world-class teammates who share a high-performance mindset. In this

environment, your expertise will propel you years ahead of your peers limited to traditional SOC

roles. If you are looking for the monotony of manually working security alerts, this job is not for

you; but if you are ready to be challenged, we are ready to invest in you.

The everyday hustle:

• Be a trusted technical advisor, resolving customer challenges from start to finish.

• Provide analysis and recommendations to customers based on alert activity, response

playbook availability, and investigations.

• Triage and fine-tune security alerts, Digital Risk Protection (DRP) alerts, and engineering

health alerts to ensure optimal performance.

• Integrate and configure log sources for existing customers.

• Troubleshoot and resolve issues related to data parsing and ingestion to ensure smooth

operations and data accuracy.

• Independently integrate and configure log sources, handling both administrative tasks and

ad hoc requests to complete work efficiently.

• Deploy and fine-tune detection rules using GreyMatter Detect.

• Employ the Cyber Analysis Methodology to conduct investigations.

• Conduct advanced investigations, including Tier 3 incidents, ad-hoc threat hunts, and

customer-requested analyses.

• Communicate effectively with customers regarding engineering and Incident Response

(IR) escalations.

• Spend 75% of your day in front of the customer

Do you have what it takes?

• Bachelor's degree in a related field

• Understanding of cybersecurity and IT disciplines including networking, operating systems,

authentication protocols, general enterprise network, architecture, and security incident

response.

• Knowledge of TCP/IP Protocols, network analysis, and network/security applications

• Basic knowledge of Linux/Unix operating systems

• Ability to blend your technical and communication skills to advise the customer

• Must demonstrate great attitude, energy, and effort

• Must be adaptable, focused, accountable, and helpful

• Must demonstrate excellent verbal and written communication skills (English language)

What makes you uncommon? (not required)

• Certifications such as Network+, Security+, CySA+

• 1-3 years' experience as a Security/Network Administrator or equivalent knowledge

• Prior SIEM experience and/or administration

• Hands-on experience with parsing data, log formats, regular expressions

• Scripting experience (bash, PowerShell, python)

• Multiple OS experience (mac, windows)

• Knowledge of various security methodologies and processes, and technical security

solutions (SIEM, IDS/IPS, Firewall Solutions, Offensive Security tools)