Todyl Visa Sponsorship USA

Detection and Response Analyst II

About us

At Todyl, we are on a mission to protect small and medium-sized businesses from ever-changing cyber threats. The Todyl platform fully integrates threat, risk, and compliance management to provide exceptional and affordable unified cybersecurity solutions to MSPs (Managed Service Providers) and their end customers. At the end of the day, we’re here to keep our partners and customers safe and help them manage the risks and comply with regulations. Protecting others requires a team that works together with trust and cares deeply about carrying out our mission.

About the Role

We are looking for a passionate Detection and Response Analyst II to join our Managed Extended Detection and Response (MXDR) team. In this role, you will have a direct impact on our partners’ security, helping safeguard their systems and data. This position offers an exciting opportunity to work collaboratively, leverage cutting-edge security tools, and build your expertise in security operations and threat intelligence. This role reports to the Director of MXDR. Todyl has an in-office team, and this role is for our Augusta, GA or Denver, CO office. Additionally, this role is for either our evening (4PM – 2AM EST) or overnight (12AM – 10AM) shifts.

Key Responsibilities

- Monitoring & Reporting: Actively monitor alerts and craft technical reports, describing the overall activity and root cause of the alert to our partners.
- Collaborative Work: Work closely beside other members of the team to learn and share knowledge and collaborate on projects and incidents.
- Automation & Tool Development: Independently contribute to internal projects, documentation, and develop new capabilities to automate security operations and enhance overall security.
- Threat Hunting & Analysis: Support proactive threat-hunting exercises, analyze indicators of compromise (IOCs), and research malware threat families to anticipate and mitigate risks.
- Incident Response: Assist in the triage and investigation of security incidents, working alongside the Detection Response Account Managers (DRAMS) or Threat Hunters, to determine root cause, scope, and impact of incidents. Ensure proper hand-off for incidents requiring containment and recovery.

Qualifications

Values Fit

- Extreme ownership, particularly when things go wrong or aren’t completed on time.
- Intrinsic drive for growth; self-motivated, always learning, and focused on raising the bar for self and team.
- Strong bias for action with impact; make tough decisions quickly, measure results, and iterate with clarity to move the mission forward.
- Comfort with ambiguity and change, embrace change and uncertainty as part of startup life.
- Humility, purpose over ego to acknowledge mistakes, learn from others, and embrace feedback while putting the mission first.

Who You Are

- Experience: Minimum of two years in cybersecurity, with at least one year focused on security monitoring and incident response.
- Education & Certifications: Relevant certifications (GCLD, GCIH, GCFA, GREM, CompTIA Net+, Sec+, CySA+) and/or a Bachelor's degree are preferred.
- Operating System Knowledge: Expertise with Windows OS and command-line tools. Baseline knowledge of Linux and Mac is preferred.
- Network & Protocol Knowledge: Solid understanding of TCP/IP, core application layer protocols, basic authentication knowledge.
- Adversary Knowledge: Knowledge of and insight into the adversary life cycle from reconnaissance to actions in the environment.
- Technical Expertise: Proficiency in enterprise security tools, including SIEM, EDR, User Behavior Analysis, and familiarity with Zero Trust networking models.
- Raw Data Analysis: Demonstrated experience in analyzing raw data, ability to understand and find key elements within data.
- Scripting & Development: Demonstrated experience in building scripts, tools, or processes/documentation that enhance threat detection and incident response.
- Cloud & Offensive Security Familiarity: Understanding of cloud applications (e.g., O365, Okta) and cloud infrastructure (AWS, GCP, Azure), along with familiarity with offensive security tools and techniques.

What We Offer

For full-time employees, Todyl offers comprehensive benefits including:
- Medical, dental, and vision coverage
- Health savings and flexible spending accounts (HSA/FSA)
- Life insurance
- Short- and long-term disability
- Access to on-demand healthcare and telehealth services
- Employee Assistance Program (EAP)
- Flexible PTO in addition to 13 company holidays
- 401(k)
- Generous parental leave programs