Intrusion Monitoring Analyst

Albany | Norwalk | Rochester

Datto, the world’s leading provider of IT solutions delivered through managed service providers, is looking for an Intrusion Monitoring Analyst to join a growing team. Datto is a creative company at its core and is an exciting and dynamic workplace. We're 100% focused on our managed service provider partners and believe that with the right technology, managed service providers can change how businesses around the world operate. Datto provides data protection, business continuity, networking, business management, and file backup and sync products that empower and protect the clients of our 14,000+ partners. We're headquartered in Norwalk, Connecticut and have 22 offices worldwide.

Datto is looking for an Intrusion Monitoring Analyst to enhance their existing security event monitoring practices as an essential member of the security operations program. The Intrusion Monitoring Analyst will partner with engineering teams to advance intrusion monitoring visibility, workflows, and program capabilities. The role will report to the head of security operations. This is a hands-on technical individual contributor role that will work with a variety of tools to protect the enterprise and offer both monitoring and engineering experience. You are an ideal candidate if you have experience in intrusion monitoring and incident response and want to improve a program, gain security engineering experience, and perform incident response in a large-scale environment.

Does This Describe You:

You are a self motivated strategic thinker, passionate for intrusion analysis, and you’re devoted to learning everything you can about the way attackers compromise companies and how to detect them.

A Look Inside the Job:

  • Perform the intrusion analysis and daily monitoring responsibilities of a security operations analyst
  • Research, create, test, and tune custom correlation rules in a variety of security controls. 
  • Provide support to security engineering projects of varying size and technical complexity to enhance the intrusion monitoring posture
  • Establish process and documentation that support achievement of compliance programs
  • Create, maintain and execute incident response playbooks
  • Manage workflow automation, threat intelligence, and case management life cycles
  • Stay up-to-date with news and trends in information security including new vulnerabilities, methodologies, and products

About You:

  • Bachelor's degree in computer science, information technology, management information systems or equivalent work experience
  • 1-3 years of experience in a security event analysis, intrusion monitoring, or incident response role
  • Direct hands-on working knowledge with a variety of security technologies including UTM, NGAV, SIEM, IDS/IPS, EDR, DLP, CTI, UEBA, SOAR
  • Solid understanding of network protocols, architecture, and network analysis techniques
  • Solid understanding of correlating host based logs and/or telemetry
  • Solid understanding of kill chain analysis and identifying anomalous behavior
  • Experience using commercial and open source threat intelligence resources
  • Experience analyzing Linux systems and environments for malicious activity
  • Familiar with SANS 20 Critical Controls, OWASP Top 10, Lockheed Cyber Kill Chain, Mitre ATT&CK, and other frameworks

Bonus Points:

  • Relevant security certification such as GCIA, GNFA, GCIH, GCFE, etc
  • Relevant systems certification such as MCSA, MCSE, RHCSA, or LPIC
  • Experience with scripting and system automation (Bash, Python, Perl, Awk, etc.)
  • Experience with disk/memory forensics and/or malware reverse engineering

At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:

  • Comprehensive health-care benefits
  • Free lunch every Friday
  • Flexible paid time off policy
  • Free food, drinks, and fresh organic fruit
  • Fitness reimbursement
  • Charity match program
  • Education reimbursement
  • And more!

By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited.  We collect and store your data in accordance with our Recruiting Privacy Practices.

Datto is an equal opportunity employer.

Intrusion Monitoring Analyst

Demographic Questions

Individuals seeking employment at Datto are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. In order to track the effectiveness of our recruiting efforts and ensure we consider the needs of all our employees, please consider answering the following questions.

Completion is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter and any information that you do provide will be recorded and maintained in a confidential file.

Your responses to any of the following questions will be anonymized and only used to improve Datto’s diversity and inclusion initiatives. These responses will not be used / reviewed in connection with your application for employment.

I identify my gender as:

I identify as transgender:

I consider myself a member of the LGBTQ+ community

I identify my sexual orientation as:

I identify my ethnicity as:

Veteran status:

I have a physical disability:

loadingspinner

Sorry, your application was not successfully submitted

Hurray! Your application was successfully submitted

Back to Careers