Todyl

Detection & Response Analyst II


About Us

At Todyl, we are on a mission to protect small and medium-sized businesses from ever-changing cyber threats. The Todyl platform fully integrates threat, risk, and compliance management to provide exceptional and affordable unified cybersecurity solutions to MSPs (Managed Service Providers) and their end customers.

At the end of the day, we’re here to keep our partners and customers safe and help them manage risk and comply with regulations. Protecting others requires a team that works together with trust and cares deeply about carrying out our mission.

About the Role

We are looking for a passionate Detection and Response Analyst to join our Managed Extended Detection and Response (MXDR) team. In this role, you will have a direct impact on our partners’ security, helping safeguard their systems and data. This position offers an exciting opportunity to work collaboratively, leverage cutting-edge security tools, and build your expertise in security operations and threat intelligence.

This role reports to the Director of MXDR. Todyl has an in-office team, and this role is for our Augusta, GA or Denver, CO office. Additionally, this role is for either our evening (4PM – 2AM EST) or overnight (12AM – 10AM) shifts.

Key Responsibilities

  • Monitoring & Reporting: Actively monitor alerts and craft technical reports, describing the overall activity and root cause of the alert to our partners.

  • Collaborative Work: Work closely beside other members of the team to learn and share knowledge and collaborate on projects and incidents.

  • Automation & Tool Development: Independently contribute to internal projects, documentation, and develop new capabilities to automate security operations and enhance overall security.

  • Threat Hunting & Analysis: Support proactive threat-hunting exercises, analyze indicators of compromise (IOCs), and research malware threat families to anticipate and mitigate risks.

  • Incident Response: Assist in the triage and investigation of security incidents, working alongside the Detection Response Account Managers (DRAMS) or Threat Hunters, to determine root cause, scope, and impact of incidents. Ensure proper hand-off for incidents requiring containment and recovery.

Qualifications

Values Fit

  • Extreme ownership, particularly when things go wrong or aren’t completed on time.

  • Intrinsic drive for growth; self-motivated, always learning, and focused on raising the bar for self and team.

  • Strong bias for action with impact; make tough decisions quickly, measure results, and iterate with clarity to move the mission forward.

  • Comfort with ambiguity and change; embrace uncertainty as part of startup life.

  • Humility and purpose over ego: acknowledge mistakes, learn from others, and embrace feedback while putting the mission first.

Who You Are

  • Experience: Minimum of two years in cybersecurity, with at least one year focused on security monitoring and incident response.

  • Education & Certifications: Relevant certifications (GCLD, GCIH, GCFA, GREM, CompTIA Net+, Sec+, CySA+) and/or a Bachelor’s degree are preferred.

  • Operating System Knowledge: Expertise with Windows and its command-line tools. Baseline knowledge of Linux and macOS is preferred.

  • Network & Protocol Knowledge: Solid understanding of TCP/IP and core application-layer protocols, plus a basic understanding of authentication protocols.

  • Adversary Knowledge: Knowledge of and insight into the adversary life cycle from reconnaissance to actions in the environment.

  • Technical Expertise: Proficiency with enterprise security tools, including SIEM, EDR, and user behavior analytics, and familiarity with Zero Trust networking models.

  • Raw Data Analysis: Demonstrated experience analyzing raw data and identifying the key elements within it.

  • Scripting & Development: Demonstrated experience in building scripts, tools, or processes/documentation that enhance threat detection and incident response.

  • Cloud & Offensive Security Familiarity: Understanding of cloud applications (e.g., O365, Okta) and cloud infrastructure (AWS, GCP, Azure), along with familiarity with offensive security tools and techniques.

What We Offer

For full-time employees, Todyl offers comprehensive benefits including:

  • Medical, dental, and vision coverage

  • Health savings and flexible spending accounts (HSA/FSA)

  • Life insurance

  • Short- and long-term disability

  • Access to on-demand healthcare and telehealth services

  • Employee Assistance Program (EAP)

  • Flexible PTO in addition to 13 company holidays

  • 401(k)

  • Generous parental leave programs
