Cyber Security Analyst

Job Title: Cyber Security Analyst
Location: Remote (Preference to Hybrid 1 day per week onsite)
Duration: 12 Months, likely extensions
C2 Clearance required

Required Education: Bachelor's degree in Computer Science, Information Technology or other job related degree. or 4 years of job related work experience or 2 years of job related experience plus an associate's degree in Computer Science, Information Technology or other job related degree.
Required Work Experience: 6 years of job related technical experience.
Preferred Work Experience: Strong incident response experience in a medium to large sized enterprise. Experience interpreting and acting on cyber threat intelligence.
Preferred Licenses and Certificates: CISA, CISM, CISSP

Required Technologies:

• SIEM
• Crowdstrike
• M365/Azure
• Server Operating Systems (Windows/Linux)

Nice to Have:
Extrahop, Proofpoint, Network OS (Palo Alto/Cisco), Elastic

Day to Day :

• A typical day consists of investigating security alerts generated via various security tools in the environment.
• A good candidate should be able to review event logs from various types of systems to establish ground truth of an event and then triage it appropriately.
• Candidate would be working in consoles for SIEM, EDR, Email, Networking, Cloud, etc.
• This role is not for non-technical "security compliance" candidates.

Soft Skills: Strong analytical, data gathering and problem solving skills with experience analyzing network attacks. Understanding of system and network security, incident management, intrusion detection, log analysis, and related technologies. Creativity to recognize and address new threats and security challenges as they arise. Ability to effectively prioritize and execute tasks in a high-pressure environment.

About the Team: The Cyber Security Operations team is composed of twelve people across two teams, "Incident Triage, Analysis and Response" and "Security Engineering and Administration". This position would be performing real-time alert monitoring and triage. Fast paced culture with an emphasis on communication and sharing of knowledge.

Required Skills and Abilities:

• Strong analytical, data gathering and problem solving skills with experience analyzing network attacks.
• Understanding of system and network security, incident management, intrusion detection, log analysis, and related technologies.
• Creativity to recognize and address new threats and security challenges as they arise.
• Knowledge of enterprise data architecture, systems engineering and data communications as applied to the automated storage and retrieval of information, using multiple platforms and protocols with the inherent security risks of each.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Comprehensive understanding of the organization's goals and objectives.
• Expertise with threat analysis risk management, configuration management, business continuity and contingency planning.
• Advanced knowledge of administrative, procedural and technical controls used to reduce security risks.
• Ability to troubleshoot multi-vendor Security issues.
• Strong organizational, interpersonal and oral communication skills.
• Advanced proficiency in network troubleshooting, diagnostic root cause analysis.
• Excellent analytical and problem-solving abilities.

Required Software and Other Tools:
Strong proficiency with applicable IT Security tools (software and hardware). Microsoft Office.
Work Environment: Fast paced, multi-platformed environment which may require action and response 24X7 to support the technical business needs of the customer.

Responsibilities-:

• Performs daily monitoring and review of security events. Keeps up with the cyber threat landscape in order to rapidly identify potential threats and work with the senior staff to ensure that company's security tools are properly tuned.
• 25% Performs daily monitoring and review of security events in a corporate setting. Performs investigations as needed and responses to potential incidents rapidly and accurately.
• 25% Plans and performs security assessments such as penetration testing or vulnerability scanning. Anticipates and mitigates potential attacks through enterprise connections to ensure the security of the system (s). Exploits weaknesses detected in systems to assess and prevent potential break-ins. Analyzes business impact and exposure based on security threats, vulnerabilities, and risks. Keeps up with the cyber threat landscape in order to rapidly identify potential threats. Ensures security tools are properly tuned to identify and contain cyber-attacks before they happen.
• 20% Develops and implements enterprise information security architectures and solutions. Researches, designs, and advocates new technologies, infrastructure, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Identifies, plans and implements security tools.
• 20% Evaluates and recommends procedures and processes for the prevention, detection, containment and correction of information security breaches. Analyzes business impact and exposure based on security threats, vulnerabilities, and risks. Advises management and users regarding security procedures.
• 10% Monitors security agencies and services in order to keep apprised of current security threats and concerns. Evaluates products and/or procedures to enhance productivity and effectiveness of information security across the organization.