Working at Critical Insight

Being part of the Critical Insight (CI) means that you’ll be on a team that has a single focus – astonishing our customers with our responsiveness, dedication, and capability in managing the security of their IT environment. We are small but growing, and we conduct our work in small teams, with lean, agile rituals that encourage autonomy, self-improvement, and data-driven decision making. We are a learning organization; we apply our concept of CI University to internships, on-boarding, career paths, research, and product evolution. We believe work should be fun, meaningful, and focused. 

The Work

The SOC Incident Specialist role will serve to be a bridge between the SOC and our customers with an immediate focus on customer communication and incident management. Represent the client-facing voice from the SOC to the customer. Provide accountability to the SOC Manager and Chief Delivery Officer for delivery outcomes related to owned work. When necessary, the SOC Incident Specialist will assist in prioritizing various types of inbound work and requests owned by the SOC.

Performance Objectives

• Establish relationships with co-workers to enable performance as a team member.
• Learn and put into action:
  • The mission and values of Critical Insight.
  • The policies and practices of Critical Insight.
  • The work performed and performance expectations.
  • People manager specific policies and practices.
• Assist on high-level investigative inquiries through investigation to resolution, including producing and sending customer facing summaries and responses to the customer.
• Assist and join critical ad-hoc customer meetings where a SOC representative is required to work through an issue or concern alongside the customer.
• During scheduled hours, answer and internally escalate customer questions about previously reported SOC alerts and/or when a customer believes the SOC missed an alert by collaborating with ARD and other departments.
• Assist SOC Senior Staff’s management of pentest monitoring tickets, including assisting with the investigation. creating the final customer facing write up to be provided to the customer and handing off SOC findings/opportunities to ARD.
• Assist in producing “Incident Response Playbooks” to provide customers when escalating alerts.
• Identify opportunities to improve SOC delivery and turn them into projects.
• Thoroughly understand the workflows, customer support, procedures, and performance measures of the Security Operations Center.
• Demonstrate knowledge of tools and capabilities used to execute both internal and customer security.
• Enhance Critical Insight customer delight through developed relationships and daily engagement with clients via email and/or voice communications.
• Study and stay up to date on cybersecurity best practices, news, and tools.
• Learn documentation and customer communication standards for all SOC workflows and service delivery expectations.
• Illustrate the SOC’s value for Critical Insight and our clients with weekly KPIs and relevant metrics.
• Lead implementation and realize results for new/changed systems, policies, and procedures.
• Other duties when the above in not needed:
  • Proactively review logs, threat hunt and/or conduct research using publicly available threat intelligence.
  • Create training materials and resources that can be used by the SOC to improve operations and delivery of services.
  • Identify and create tuning requests for alerts that are low fidelity or non-value adds for our customers.
  • Proactively identify possible threats, security gaps and vulnerabilities that might be unknown to the SOC.

Essential Job Functions & Logistics

• SOC Incident Specialist must be able to work in a 24/7/365 operation requiring around the clock coverage. The scheduled shift would be Monday – Friday during business hours ~0800-1700.
• Attend SOC Leadership meetings and training sessions when applicable.
• This position is a hybrid role of remote and in-office work, qualified candidates must be able to accommodate a productive in-home work environment when working remotely, as well as daily video-based conference calls for meetings when not on site.
• Must be able to use a computer and work at a computer or desk area for extended periods of time. 
• Must be based in the US. 

Why work at Critical Insight?

• Have a ton of fun. Jobs that aren’t fun suck.
• Be part of a team of seasoned security professionals whose work positively impacts the life safety and life quality of your community. See the positive impact of your work every day.
• Contribute to the formation of the foundational culture and values of Critical Insight as a company and organization serving its clients.
• Work in a fast paced and agile environment with some of the top talent in the industry where politics are minimized, and success is measured and celebrated.
• Competitive pay with and benefits: 
  • Medical/dental/vision/life/disability insurance.
  • Unlimited time off.
  • 401k match.
  • Paid family and medical leave.

Critical Insight is an equal opportunity employer. We actively work toward greater diversity and an inclusive and welcoming environment for all employees.