Security Analyst - Forensics, Threat Hunting, IOCs

Crosslake Technologies, Charlotte, North Carolina, United States (Remote, Onsite)
(This position is US based, 1099, remote role.)
What we believe

In the past two years, more than a trillion dollars have been invested in software companies at record prices. And in many cases, the underlying tech is the greatest enabler to the business strategy. But has the approach to govern technology value creation caught up to the magnitude of the risk? We believe a better way is possible – a more programmatic, proactive approach to actively manage technology throughout the investment lifecycle – and that’s what we do.

Our role

We know that technology can create truly transformative change, and its role in business is only growing. Crosslake is here to support the changemakers and help them buy, build and run better technology.

What we value

You could be a good fit for Crosslake if you see yourself reflected in our guiding values:

  • Service. We effect change by empowering others.
  • Curiosity. We believe great advice starts with deep understanding.
  • Credibility. Our expertise is earned and proven.
  • Commitment. It’s our privilege to serve clients in their critical moments.
  • Creativity. We are inspired by the constant pursuit of better.

Overview


We are seeking a Security Analyst with experience conducting compromise assessments and advanced threat detection activities. The analyst will play a key role in identifying potential breaches, evaluating security posture, and providing actionable insights to reduce organizational risk. This role involves close collaboration with clients and internal teams to assess environments for evidence of malicious activity, uncover gaps in defenses, and recommend remediation strategies.

Responsibilities


  • Perform compromise assessments across enterprise networks, identity platforms, cloud environments, and endpoints to detect active or historical intrusions.
  • Identify, analyze, and validate indicators of compromise (IOCs), malicious artifacts, and persistence mechanisms.
  • Conduct threat hunting using endpoint and log data to uncover stealthy adversary activity.
  • Leverage forensic tools to analyze system images, memory captures, and network traffic for signs of malicious behavior.
  • Map adversary techniques to the MITRE ATT&CK framework and provide context on TTPs observed.
  • Develop and deliver detailed technical and executive-level reports summarizing findings, risk implications, and prioritized remediation steps.
  • Collaborate with incident response teams, SOC analysts, and client IT/security staff to validate findings and strengthen detection capabilities.
  • Contribute to the continuous improvement of methodologies, playbooks, and automation for compromise assessments.

Required Qualifications


  • 4-8 years of experience in cybersecurity, digital forensics, or incident response.
  • Experience with all of the “Tool Categories and Examples” categories listed below, including hands-on experience with at least one tool in each section.
  • Strong familiarity with public cloud providers (e.g. Amazon Web Services, Google Cloud, Microsoft Azure).
  • Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and familiarity with MITRE ATT&CK.
  • Experience conducting forensic analysis of endpoints, logs, and network data.
  • Strong written and verbal communication skills, with ability to create reports tailored to both technical and executive audiences.
  • Industry certifications such as GCFA, GNFA, GCIH, CySA+, or Security+ (preferred).

Tool Categories and Examples


  • Endpoint & Host Forensics - Velociraptor, KAPE (Kroll Artifact Parser & Extractor), FTK Imager / EnCase / X-Ways, Volatility / Rekall, Sysinternals Suite
  • Endpoint Detection & Response (EDR) - CrowdStrike Falcon, SentinelOne, Carbon Black, Microsoft Defender for Endpoint, Sophos Intercept X
  • SIEM & Log Analysis - Splunk, Microsoft Sentinel, Elastic (ELK Stack), IBM QRadar, LogRhythm
  • Network & Traffic Analysis - Wireshark / tcpdump, Zeek (Bro), Security Onion, Arkime (Moloch)
  • Threat Intelligence & IOC Enrichment - MISP, VirusTotal, Hybrid Analysis, AlienVault OTX, ThreatConnect, Anomali, MITRE ATT&CK Navigator
  • Cloud & SaaS Visibility - AWS GuardDuty, CloudTrail, Security Hub, Azure Security Center, Defender for Cloud, Sentinel, Google Chronicle, Security Command Center, Prisma Cloud, Wiz, Orca
  • Scripting & Automation - Python, PowerShell, Bash, jq, Sigma rules, YARA rules

Key Attributes


  • Analytical thinker with strong investigative skills.
  • Comfortable working in fast-paced, incident-driven environments.
  • Ability to navigate discussions with executives and engineers alike.
  • Strong attention to detail and ability to connect technical findings to business impact.
  • Collaborative and client-focused, with a commitment to delivering high-quality assessments.

Life at Crosslake Technologies

At Crosslake, we help companies build and run better software. From strategic vision to planning and architecture, development and execution, Crosslake works to transform and optimize software delivery. In addition to our functional skills in software development, Crosslake provides end-to-end value with our expertise in management consulting and advisory services, providing both strategic and tactical insight. Software development will continue to be disrupted by new technology and changing competitive landscapes, so the agile approaches, development teams, architecture, processes and tools must also adapt. We've been organizing and empowering teams to rally around change for years. We work with software development and IT organizations of commercial software or technology-enabled services, as well as private equity companies and investment portfolios all over the world.

How We Help

  • Enhance product value and quality
  • Increase engineering effectiveness
  • Reduce time to market
  • Implement best practices and tools
  • Deliver measurable improvements

Thrive Here & What We Value

  1. Programmatic, proactive approach to actively manage technology throughout the investment lifecycle
  2. Support for changemakers who buy, build and run better technology
  3. Empowering others through effecting change
  4. Constant pursuit of better solutions
  5. Diverse organization with pride in diversity
  6. People of varied ethnicity, gender, sexual orientation, religion, and political outlook
  7. Belief that technology makes a difference
  8. Service-oriented approach to technology value creation
  9. Proactive approach to managing technology throughout the investment lifecycle
  10. Guiding values include service, curiosity, credibility, commitment, and creativity