What You'll Do
Operate within a 24×7 Security Operations Center to detect and investigate suspicious activity through proactive, lead-less threat hunting. Analyze anomalies across network and endpoint data to identify potential intrusions without relying on predefined alerts. Serve as a technical authority for complex incident analysis, guiding junior analysts and supporting resolution efforts across customer environments.
Produce detailed incident reports that clearly communicate findings, impact, and recommended actions. Collaborate with internal teams to refine detection methods and improve response workflows. Contribute to the development of automated tools and processes that enhance SOC efficiency and scalability. Build and maintain test environments to study emerging attack techniques and validate defensive strategies.
Evaluate sandbox outputs to extract new indicators of compromise and strengthen detection capabilities. Share insights through documentation and internal knowledge repositories to elevate team-wide expertise in threat operations.
Requirements
- Minimum of five years in information security; relevant certifications may substitute for up to one year
- At least two years analyzing endpoint data from EDR and NGAV tools, with direct involvement in incident response activities
- Strong proficiency in identifying malicious behavior on Windows systems, including malware activity, abnormal network traffic, forensic artifacts, and indicators of full (administrator- or SYSTEM-level) compromise
- Working knowledge of at least two of the following operating systems: Windows, Linux, or macOS
- Experience using the ELK stack for log analysis, dashboard creation, and search queries
- Programming or scripting experience in PowerShell, Python, or Go
- Familiarity with cloud platforms including AWS (EC2, S3, IAM), Azure, and Microsoft 365 services
- Proven ability to design and execute threat hunts that start from a hypothesis or observed anomaly rather than from a predefined lead or alert
- Flexibility to work assigned swing shift hours (4:00 PM – 12:00 AM ET), including weekends and holidays as needed
- Strong analytical and problem-solving skills, particularly in pattern recognition and anomaly detection
- Clear and effective communication abilities for summarizing technical findings for varied audiences
Preferred Qualifications
- Prior experience in a Security Operations Center (SOC), Threat Hunting, or Digital Forensics and Incident Response (DFIR) role
Benefits
- Comprehensive health, vision, dental, and life insurance coverage
- Robust 401(k) plan with company contributions
- Discretionary time off policy promoting work-life balance
- Additional workplace perks designed to support employee well-being
