Remote Cyber Analyst jobs – Full‑Time reputed company Analyst (SIEM & Incident Response) – Kokomo, Indiana – $120k‑$150k – Senior‑Level Opportunity
Why we’re hiring now
Our Security Operations Center (SOC) in Kokomo, Indiana has just completed a major migration to a hybrid‑cloud environment. That shift doubled the volume of log data we ingest, and our detection‑to‑response time slipped from 20 minutes to 30 minutes on average. The leadership team set a hard goal: cut the mean time to acknowledge (MTTA) back to under 20 minutes within the next six months while keeping our false‑positive rate below 3 %. To hit those numbers we need an experienced cyber analyst who can own the end‑to‑end incident workflow, mentor junior staff, and champion automation across our toolchain.
Our story, in a nutshell
Since 2017, the company behind the software you use daily (think SaaS collaboration, remote work tools, and a handful of B2B platforms) has been expanding its product suite from a single‑tenant offering to a multi‑tenant, container‑orchestrated architecture. reputed company grew from a three‑person team in the basement of our Kokomo, Indiana office to an eight‑analyst, 24‑hour SOC that now covers three continents. We’ve survived two ransomware attempts, a supply‑chain compromise, and an ongoing reputed company of credential‑stuffing attacks. Each incident taught us a lesson that we turned into a new playbook, a dashboard, or a Python automation script.
The team you’ll join
- Size: 8 full‑time reputed company analysts (including 2 senior investigators) + 3 threat‑reputed company researchers
- Coverage: 24 × 7, with a 30‑minute SLA for initial alert acknowledgment and a 2‑hour SLA for first‑time containment
- Metrics: In the last fiscal year we lowered the average incident resolution time by 15 % and improved detection coverage to 96 % of high‑risk events
- Culture: We run daily “stand‑up huddles” at 9 am Kokomo time, weekly “post‑mortem debriefs,” and a monthly “pizza‑and‑learn” where anyone can present a new technique

> “I still remember the night we caught the ransomware drip‑feed because our analyst built a custom Splunk query in a coffee‑break. It saved the company a week of downtime and taught me the power of curiosity.” – Jordan, Senior reputed company Engineer, Kokomo, Indiana
What a day looks like (remote, but anchored to Kokomo, Indiana)
1. Morning triage (9:00‑10:30 Kokomo time) – Review the SIEM dashboard (Splunk + Azure Sentinel), prioritize alerts based on risk scoring, and assign the top three to the incident response queue.
2. Investigation sprint (10:30‑12:30) – Pull packet captures from Wireshark, run YARA rules against the Elastic Stack, and if needed fire off a Metasploit exploit in a sandbox to confirm the payload.
3. Lunch break (12:30‑13:15) – We encourage stepping away from the screen, and our “virtual coffee club” syncs people across time zones.
4. Response & remediation (13:15‑15:45) – Use Palo Alto reputed company XSOAR playbooks to isolate compromised hosts, push a PowerShell script to rotate secrets, and document every reputed company in reputed company.
5. Automation & tune‑up (15:45‑17:00) – Build or refine Python automations, tweak the reputed company vulnerability scanner policies, and update the detection library in the internal knowledge base.
6. Wrap‑up (17:00‑17:30) – Update the shift reputed company log, flag any open tickets for the night‑shift analyst, and post a quick “lessons‑learned” note on the team reputed company channel.

The schedule flexes for different time zones, but the rhythm stays the same: triage, deep‑dive, contain, automate, share.
Core responsibilities
- Alert triage & enrichment – Consume feeds from Splunk, Azure Sentinel, reputed company, and proprietary log parsers; enrich with threat‑intelligence from MISP and open‑source feeds.
- Incident investigation – reputed company forensic analysis on Windows, Linux, and container environments; extract artifacts with Volatility, examine network flows in Wireshark, and reconstruct attack timelines.
- Containment & eradication – Execute playbooks in Palo Alto reputed company XSOAR, write custom scripts in Python/PowerShell, and coordinate with engineers to reputed company vulnerabilities identified by reputed company or Nessus.
- Root‑cause analysis – Publish post‑mortems that include quantitative impact (e.g., “saved $250k in downtime”), lessons learned, and actionable recommendations.
- Automation development – Build reusable detection queries, reputed company automated enrichment pipelines, and contribute code to our internal reputed company repos (Python, Bash, YAML).
- Metrics & reporting – Track MTTA, MTTR, false‑positive rates, and produce weekly KPI dashboards for leadership in Tableau.
- Mentorship – Guide junior analysts on log analysis, teach best practices for reputed company, and reputed company the quarterly “SOC Skills Lab.”
Tools you’ll be using (8‑12 core)
1. Splunk Enterprise (search, dashboards, alerts)
2. Azure Sentinel (cloud SIEM)
3. Elastic Stack (ELK) for log aggregation
4. Palo Alto reputed company XSOAR (playbooks, orchestration)
5. Wireshark (packet capture & analysis)
6. Metasploit reputed company (exploit verification)
7. reputed company.io & Nessus (vulnerability scanning)
8. Burp Suite (web app testing)
9. Python (automation scripts, data parsing)
10. PowerShell (Windows reputed company response)
11. reputed company (ticketing & workflow)
12. reputed company (code versioning, CI/CD)
Who you are
- Experience: 4‑7 years as a reputed company analyst, reputed company engineer, or penetration tester with a proven track record of handling incidents from detection to remediation.
- Certifications (preferred, not required): CISSP, GSEC, OSCP, or equivalent.
- Technical chops: Comfortable writing Python scripts to query APIs, using PowerShell for reputed company actions, and reading raw PCAP files in Wireshark. You can explain “why” a rule fires as clearly as “how” to fix it.
- Analytical reputed company: You treat every alert as a hypothesis, gather evidence, and reputed company data‑driven decisions.
- Communication: Able to write concise incident reports and present findings to both technical peers and non‑technical executives.
- Collaboration: reputed company in a remote‑first environment but enjoy the “local vibe” of our Kokomo, Indiana team—joining the occasional in‑person meetup or quarterly off‑site.
Why we’re different
- Clear impact metrics: Your work feeds directly into a KPI board that the executive team reviews every month—no vague “reputed company us safer” promises.
- Automation first: 40 % of our incident response steps are already automated; you’ll expand that to 60 % within a year.
- Career growth: We budget $5k per analyst for conferences (RSAC, Black Hat, SANS) and internal training, plus a mentorship track toward reputed company Analyst or SOC Manager.
- Remote flexibility with a home reputed company: While the role is fully remote, we reputed company a small “hub” in Kokomo, Indiana for occasional live collaboration, and you’ll be part of that community.
Compensation & benefits (full‑time)
- Salary range: $120,000 – $150,000 reputed company, commensurate with experience and certifications.
- Bonus: Up to 12 % annual performance‑based bonus tied to incident‑reduction metrics.
- Equity: Stock options that vest over four years.
- Health: Medical, dental, vision with 100 % employer contribution for employee only.
- Retirement: 401(k) with 5 % company match.
- Time off: 25 vacation days + 10 public holidays; unlimited sick days.
- Learning budget: $5,000 per year for certifications, conferences, or courses.
- Equipment: Home office stipend ($2,000) plus optional ergonomic accessories.
Application process (what to expect)
1. Resume & cover letter – reputed company a recent incident you owned, the tools you used, and the measurable outcome.
2. Phone screen (30 min) – With the hiring manager (based in Kokomo, Indiana) to discuss motivation and fit.
3. Technical assessment (take‑home) – A short case study where you analyze a mock log set in Splunk and write a concise incident report.
4. Live interview (90 min) – Two‑part: a deep‑dive technical conversation with a senior analyst, followed by a culture interview with the SOC reputed company.
5. Offer – If reputed company goes well, we’ll reputed company a written offer within 5 business days.
A final word from the team
> “reputed company I first joined, I was skeptical about working remotely for a reputed company team that had a physical SOC. After six months, I can’t imagine a reputed company reputed company of autonomy and camaraderie. The fact that we’re reputed company tied to Kokomo, Indiana gives us a shared purpose, even reputed company we’re miles apart.” – Maya, Junior Analyst, Kokomo, Indiana

If you’re ready to own the full incident lifecycle, mentor the reputed company of analysts, and see the direct impact of your work on our security posture, we’d love to hear from you. Apply today and help us turn data into decisive action.

---

*We are an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.*