Job Summary
The Endpoint Detection Response analyst is a highly motivated individual with a passion for research and uncovering cybersecurity threats. This person is capable of communicating security vulnerabilities and remediation techniques while providing services to improve the security program and our customers' trust. The EDR analyst is the expert in detection and incident response disciplines: current threats, modern attacker exploits and persistence techniques. The EDR Analyst will be responsible for monitoring and detecting security events, researching and classifying threats, and providing detailed analysis and remediation steps. They should exhibit a strong understanding of network and endpoint security and current TTPs, and be able to articulate industry best practices to audiences at various technical levels in order to provide an enhanced security posture.
Respond to EDR events, and provide detailed investigation and incident details, in a manner that customers can digest and quickly resolve security issues/risks.
Analyze protocols, OS logs, audit logs, registry changes, and processes to detect anomalous/malicious activity and take appropriate mitigation actions as necessary.
Perform new IoC searches, create playbooks, and identify new searches to monitor/detect anomalous/malicious activity.
Be able to work independently, act decisively, and exhibit sound thought processes in monitoring the EDR customer base and resolving security/risk issues.
Be able to research and write case studies for training purposes and hand off to threat hunters for reporting.
Gather KPI metric data proving value, alerting statistics, and routine information for reporting and communication as necessary with EDR customers or potential customers.
Coordinate with the Threat Intelligence team on current threats and TTPs.
Employees at all levels are expected to:
Understand our Operating Principles; make them the guidelines for how you do your job.
Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
Win as a team - make big things happen by working together and being open to new ideas.
Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
Drive results and growth.
Respect and promote inclusion & diversity.
Do what's right for each other, our customers, investors and our communities.
This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Relevant Work Experience
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the [Register to View] on our careers site for more details.