Security Analyst
Description:
Location: The company is Malta-based, however, you will be working remotely.
The Mission
At CyberSift, we don’t just monitor alerts; we build the filters that stop the noise. We are an AI-driven security firm sitting at the intersection of Machine Learning and Threat Intelligence. As a Security Analyst, you won't just be staring at a dashboard, you will be the "Human in the Loop" for our proprietary security tools, hunting for advanced threats and helping us automate the future of defense.
What You’ll Actually Do
Proactive Threat Hunting: Use our customized ML-driven SIEM to hunt threats ranging from "living off the land" attacks to zero-day anomalies across a vast array of customer environments and complex digital infrastructures.
Detection Engineering: Don’t just follow playbooks, write them! You’ll maintain and improve our install scripts and automation workflows to ensure our defense is always one step ahead.
Offensive Pivot: We believe the best defenders know how to attack. You will participate in Red Teaming and Penetration Testing engagements for our tier-1 clients.
Product Evolution: Work directly with our dev team to provide feedback on our ML models. If you see a way to make the product smarter, you’ll have the autonomy to build it.
Who You Are
The SIEM Specialist: You’ve spent 2+ years in a SOC environment and can navigate Elasticsearch/Kibana or any other SIEM
The Hunter: You can analyze Windows, Linux, and Firewall logs to reconstruct an attack narrative from raw data.
The Scripter: You speak Python and Bash. If you have to do something twice, you’ve already automated it.
Communicator: You can explain a complex exfiltration event to a C-level executive in clear English.
Perks & Culture
Innovation in Action: We don’t believe in static defense. You’ll work at the front lines of our AI development, providing the "human-in-the-loop" feedback needed to suppress false positives and improve our proprietary sifting algorithms.
The Pentesting Path: We provide a clear track for growth from SOC Operations into Offensive Security.
Full Remote Autonomy: Work from anywhere while remaining part of a tight-knit core team.
Shift Flexibility: This role operates on a rotating 24/7 schedule to ensure our global clients are always protected.
fullTime