IT SENIOR PROFESSIONAL - SECURITY (CYBERSECURITY ANALYST)

Are you passionate about protecting organizations from cyber threats and helping shape the future of cybersecurity? Virtuo Group is seeking a skilled and motivated Cybersecurity Analyst to join our award-winning team. In this role, you’ll monitor, detect, and respond to security incidents, while working alongside experts who are dedicated to keeping our clients’ systems secure. If you thrive in a fast-paced, dynamic environment and enjoy solving complex challenges, this is the opportunity to make a real impact.

Workdays & Hours: MONDAY – FRIDAY 8:00 AM – 5:00 PM*  *Subject to Change /  Remote is Not an Option

DESCRIPTION OF DUTIES / ESSENTIAL FUNCTIONS
Duties, functions and responsibilities of this position include:

• Responsible for communicating cyber risks and recommendations to mitigate risks to the Chief Information Security Officer (CISO)
• Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in threat detection and discovery
• Conducts basic malware analysis of attacker tools and identifies indicators of compromise (IOC)s
• Manage the Security Operations Center (SOC) mailbox, and monitor and analyze the emails for threats including phishing and malware, and escalates per procedures
• Participates in the investigations of information security incidents and may prepare reports on intrusions as required
• Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
• Perform real-time detection, analysis, and response to threats via an EDR tool
• Analyze the latest malware discoveries/shifts to understand how/if it would be effective in the environment
• Create new alerts and investigation methods in relation to the ever-changing threat landscape
• Analyze attacks and trends facing HPD to better define proactive defensive measures
• Track, provide, and present analysis into observed attacks against HPD
• Assist with the development, deployment and support of data protection solutions
• Assist with the implementation of data security controls and design principles
• Assist with technology and software reviews based on data protection and endpoint risks
• Responsible for implementing and supporting security platforms related to: Security Orchestration Automation & Response (SOAR), Security Information Event Management (SIEM), and User & Entity Behavior Analytics (UEBA)
• Manage SIEM platforms, agents, and apps\add-on log source integration upgrades
• Develop alerts, reports, data models, dashboards, and connectors in support of HPD cyber operations
• Recognize patterns and inconsistencies that could indicate complex cyber-attacks
• Develop SIEM correlation rules to detect new threats beyond current capabilities
• Assist with designing and documenting work processes
• Perform log file analysis as needed
• Contribute to CTI (Cyber Threat Intelligence) data gathering, reporting, and analysis activities
• Leverage automation and orchestration solutions to automate repetitive tasks
• Continuous optimization, tuning and monitoring of platforms
• Integration of platforms into SIEM, SOAR and/or API’s
• Identify credible, new intelligence, and subject matter resources relative to current and emerging threats
• Create written and verbal intelligence products for internal stakeholders to assist in proactively addressing cyber threats and mitigating risk
• Recognize, research, and analyze various threat actor groups/attack patterns and TTPs
• Prepare and brief CISO on the cyber threat landscape as required

WORKING CONDITIONS
There are no major sources of discomfort, i.e., essentially normal office environment with acceptable lighting, temperature and air conditions. Significant time spent using computer display, keyboard, and mouse.

EDUCATION REQUIREMENTS
Associate degree in Computer Science, Management and Information Systems (MIS), Business or a related field. System-specific technical certifications may be considered a substitution for associate degree. Experience in IT security, infrastructure or applications may be substituted for the education requirement on a year-for-year basis.

EXPERIENCE REQUIREMENTS
At least 2 1/2 years of IT security, infrastructure or applications experience.

LICENSE REQUIREMENTS
Must be able to pass a criminal background check, obtain and maintain federally mandated security clearances where required.

PREFERENCES
The candidate must have the following knowledge, skills and abilities:

• Knowledgeable of Cyber Kill Chain and Diamond Model of Intrusion Analysis
• Knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies
• Understanding of networking and TCP/IP
• Experience with a wide variety of operating systems: Windows Server, Windows 10, Linux etc.
• Ability to troubleshoot technical and security related issues
• Experience working in a rapidly changing, high intensity environment
• Avid, proactive learner and ability to work well in a team-based environment
• Strong interpersonal and writing skills
• Candidate required to obtain Security+ certification during first year of employment

Preference shall be given to eligible veteran applicants provided such persons possess the qualifications necessary for competent discharge of the duties involved in the position applied for, such persons are among the most qualified candidates for the position.

SELECTION / SKILLS TESTS REQUIRED
Organization may administer skills assessment test.

EEO Equal Employment Opportunity

Virtuo Group Corporation is committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, genetic information, veteran status, gender identity, or pregnancy.