Cyber Threat & Response Engineer (L2) jobs in United States
info-icon
This job has closed.
company-logo

Perennial Resources International · 14 hours ago

Cyber Threat & Response Engineer (L2)

positionSt. Paul, MN
timeFull-time
remoteOnsite
seniorityMid Level
date4+ years exp

Perennial Resources International is seeking a Cyber Threat & Response Engineer (L2) to enhance their cyber defense capabilities. The role involves monitoring security alerts, investigating suspicious activities, and leading incident response efforts to mitigate threats effectively.

ConsultingInformation Technology

Responsibilities

Own the front lines: Monitor and dissect security alerts provided from managed services providers, SIEM, EDR, and advanced detection platforms to uncover potential threats before they strike
Investigate like a hunter: Dive deep into suspicious activity, correlating signals across multiple sources to reveal scope, impact, and adversary intent
Lead the charge: Drive containment, eradication, and recovery for low to moderately complex incidents—keeping attackers on the run
Escalate with precision: Deliver detailed, actionable intelligence to senior engineers and management, ensuring rapid and effective resolution
Close the loop: Support remediation during active incidents and contribute to post-incident reviews to strengthen defenses and eliminate gaps
Turn Client into action: Apply threat intelligence, behavioral analytics, and contextual data to sharpen detection and response capabilities
Engineer smarter defenses: Partner with detection engineering teams to design, test, and fine-tune detection rules and use cases
Analyze the unknown: Perform malware triage, log correlation, and network traffic inspection to uncover hidden threats
Stay ahead of the curve: Track evolving attacker tactics, techniques, and procedures (TTPs) and use that knowledge to outsmart adversaries
Bridge the gap: Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate swift incident resolution
Drive the process: Capture investigation steps, findings, and actions with clarity and precision for future reference
Continuous improvement: Contribute to playbook enhancements, process improvements, and knowledge sharing

Qualification

SIEM experienceIncident responseThreat intelligenceScripting languagesMalware analysisLog correlationCybersecurity operationsAnalytical thinkingOperational excellenceUnderstanding attack vectorsCertificationsEffective communicationTeam playerContinuous learningAttention to detailProblem-solvingCollaborationDocumentation

Required

Experienced in triaging and investigating security alerts across SIEM, EDR, and network platforms
Skilled in correlating data from multiple sources to identify and escalate confirmed threats
Proficient in supporting incident response efforts and conducting initial root cause analysis
Strong understanding of threat intelligence and its application in operational workflows
Hands-on experience with scripting languages (Python, PowerShell, Bash) to automate investigations, parse logs, and streamline incident response workflows
Effective communicator with the ability to document investigations clearly and collaborate across teams
Committed to continuous learning and development in threat detection and response
Analytical thinker with a proactive approach to identifying and mitigating risks
Reliable team player in a 24/7 SOC environment, contributing to operational excellence
Bachelor's degree in Cybersecurity, Information Technology, or technology field (completed and verified prior to start) OR High School diploma (completed and verified prior to start) and four (4) years of hands-on experience (completed and verified prior to start) AND Two (2) years of experience in a SOC or cybersecurity operations role in a private, public, government or military environment

Preferred

Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
Ability to write and use scripts (Python, PowerShell, Bash) for automation, log parsing, and incident response tasks
Understanding of common attack vectors, threat actors, and frameworks like MITRE Telecommunication&CK
Strong analytical and problem-solving skills with attention to detail
Effective communicator with the ability to document investigations and collaborate with cross-functional teams
Certifications such as CompTIA Security+, CySA+, or GCIH

Company

Perennial Resources International

twittertwitter
company-logo
Perennial Resources International is a full-service search and staffing firm.
dateFounded in 2002
location
New York, New York, USA
people-size11-50 employees
web-link
https://www.perennialresources.com

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Joseph Kelly
Partner
linkedin
leader-logo
Stephen C. Brown
Owner-Managing Partner
linkedin
Company data provided by crunchbase