
Cyber Security Analyst

Company:
TEKsystems
Location:
Broadview Heights, OH, 44147
Posted:
April 05, 2024

Description:

Job Description

3210666

** U.S. Citizens **

Top Three Skills:

1.) 3+ years' experience working with SIEM tools (Splunk preferred but not a must-have)

2.) Experience working with endpoint protection tools (Tanium a plus but not a must-have)

3.) Knowledge of troubleshooting infrastructure as either a systems or network admin.

Responsibilities:

The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats.

Principal Responsibilities:

• Analyze and investigate ticketed events using various logs, including those from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices, in an enterprise security information and event management (SIEM) platform.

• Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.

• Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.

• Rotational, after-hours operational support (on-call)

• Perform other duties as assigned

Experience/Qualifications:

• Minimum 3 years working in Security Operations or Incident Response required.

• Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management

• Capability to think and operate independently and in a team environment with minimal supervision

• Proactive and results-driven mindset

• Strong process orientation and ability to develop and follow standard work; attention to detail

• Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment

• Proven ability to troubleshoot and solve technical issues

Candidate must have technical experience in the following areas:

• Splunk or other SIEM.

• Network analysis using tcpdump, Wireshark or other packet capture/inspection tools

• Searching, interpreting and working with data from enterprise logging systems including syslog, NetFlow and SIEM platforms

• Scripting languages such as Python and PowerShell

• Malware sandboxes

• Windows, macOS, and Linux operating systems

• Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium

• Systems or network architecture

• Collection and management of threat intelligence

• Host-based forensics using EnCase, FTK or other digital forensics tools

Education:

Bachelor's or Master's degree in Computer Science/Engineering, Information Systems or related field with a minimum of 5 years' experience.
