Product Security Analyst III | SOC

At ExtraHop, we're on a mission to help organizations achieve complete visibility, real-time threat detection, and proactive security through cutting-edge network detection and response (NDR) technology. Our NDR product is a market leader, providing our customers with the ability to detect, investigate, and respond to threats faster than ever before.

We’re proud of the work we do and the recognition we’ve received, including our recent Gartner Peer Insights award, which reflects the trust and satisfaction our customers have in our solutions.

If you're passionate about innovation, dedicated to protecting digital infrastructures, and ready to make a real impact, we invite you to join our team and help us shape the future of cybersecurity.

Position Summary

By joining ExtraHop as a Product Security Analyst, you’ll directly contribute to strengthening the security posture and ensuring the secure operation of ExtraHop’s market-leading cyber security products. This is an opportunity to collaborate with top-tier professionals, to learn and innovate, and grow your skills in cyber, cloud and product security.

You will play a key role in defining and running security operations, including security monitoring, incident response and vulnerability mitigation. Collaborating across teams and supporting ExtraHop’s production cloud service offering, your work will have a direct impact on the success of the company and your fellow colleagues.

We are looking for candidates with prior cyber security operations and incident response experience and who have a good foundational understanding of web applications, public cloud infrastructure, Linux systems, and container technologies. 

Key Responsibilities

• Work with security information & event management (SIEM), endpoint detection & response (EDR), network detection & response (NDR) tooling and other systems to perform security investigations
• Operate and improve SIEM, EDR, NDR and others tools; implement, evaluate and tune detection rules
• Implement tools and scripts to automate monitoring and response activities
• Perform and/or lead security incident response activities
• Perform threat hunting activities to proactively assess system activity and search for indicators of compromise
• Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections
• Contribute to vulnerability detection and response pipelines, including tools, reporting and tracking 
• Triage vulnerabilities; recommend and coordinate remediation actions 
• Collaborate with Product Security team members to contribute to standards, policies, procedures, documentation, and training 
• Other duties as assigned

Required Qualifications

• 4+ years of experience in cyber security or closely related roles
• 2+ years of which should be hands-on experience specifically fulfilling security monitoring, threat hunting and incident response duties
• Bachelors degree or equivalent experience in a related field such as Cybersecurity, Computer Science, Information Systems, Engineering or other technical field
• Direct experience with a modern SIEM platform, including creating dashboards and searches, tuning detections, and responding to alerts
• Direct experience with server endpoint detection & response (EDR)
• Technical knowledge of Linux systems, web application security and cloud security, including security principles and best practices for cloud-based environments
• Proficient with security tools, including vulnerability scanners, ticketing systems
• Strong analytical skills to effectively manage and resolve security issues
• Proven ability to communicate complex security concepts
• Must be a U.S. citizen or 
• Note: employees, including fully remote staff, are expected to attend two in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each

Preferred Qualifications

• Direct experience with Splunk Enterprise Security, Crowdstrike Falcon, and ExtraHop RevealX NDR
• Experience with Amazon Web Services (AWS), Google Cloud Platform (GCP), and common compute services and data stores
• Experience working with container-based environments (Kubernetes, Docker, LXC, etc.)
• Holds one or more security certifications

The base salary for this position rages from 130,000 - 160,000 plus bonus + benefits

ABOUT EXTRAHOP 

ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. We’re on a mission to protect and propagate trust by revealing the cybertruth, and we partner with every customer, every day, to uncover it. Our Reveal(x) 360 platform is the only network detection and response solution delivering the 360-degree visibility needed to see everything on the network. When organizations have full network transparency with ExtraHop, they can see more, know more, and stop more cyberattacks.

ExtraHop is recognized by leading organizations for both its innovation in the market and its commitment to building a world-class team. We’ve been recognized as a “Customer’s Choice” by Gartner Peer Insights™ Voice of the Customer, and as a Leader in the Forrester Wave®: Network Analysis and Visibility, Q2 2023. ExtraHop has won AI Breakthrough Awards four times (2018-2020, 2023) and our Channel Partner program has received a 5-star rating from CRN for our 2023 Partner Program Guide. Our flagship product, Reveal(x), has received numerous accolades, including a 2022 Edison Award for Cybersecurity. 

Employees' wellbeing is top of mind for the ExtraHop team. Employees and their families will have the option to participate in the following benefits:

• Health, Dental, and Vision Benefits
• Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time
• Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan
• FSA and Dependent Care Accounts + EAP, where applicable
• Educational Reimbursement
• 401k with Employer Match or Pension where applicable
• Pet Insurance (US Only)
• Parental Leave (US Only)
• Hybrid and Remote Work Model

*Candidates should note that the Company may modify reporting relationships, job titles and compensation, including commissions and benefits, from time to time at its sole discretion, as it deems necessary, with or without prior notice.

We are intentional about our culture, diversity, and inclusion, and we welcome everyone to come ready to participate in contributing to this truly unique environment. At ExtraHop, we believe that the best products, services, and companies are built by strong teams that include a diversity of backgrounds, perspectives, ideas, and experiences. We are committed to supporting and enabling growth and opportunity for every employee at every level. This is the foundation of our success. 

We are equally committed to equal employment opportunity, and it is foundational to how we recruit and hire our talented team. Employment is determined based upon capabilities and qualifications without discrimination on the basis of race, color, religion, sex, gender identification and expression, marital status, military status, pregnancy (including but not limited to potential pregnancy and pregnancy-related conditions), sexual orientation, age , national origin, ancestry, citizenship or immigration status, disability ,, genetic information, or any other protected class as established by law.

Our people are our most important competitive advantage, leading the charge cyber criminals and insider threats.

Ready to join us?   #Extrahop #Security #NDR #informationsecurity #cybersecurity #cloudsecurity #infosec #LI-Remote