Job Title: Sr. Cyber Defense Analyst
Location: Lexington, KY
Type: Hybrid (1-2 days per week onsite)
Duration: 6+ Month Contract
Pay: $65 - $85/hr (depending on years of experience)
Description:
Cyber Defense Analysis
Firewall exception management – integrate systems into a zero-trust network architecture across on-prem and cloud environments
Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
Vulnerability Assessment and Management
Analyze the organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
Conduct required reviews as appropriate within the environment.
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure).
Incident Response
Coordinate with and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Perform analysis of log files from various sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
Perform cyber defense incident triage, which includes determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
Skill Sets Required:
BS required or equivalent experience
Security certification required (e.g., CISSP)
Other IT industry certifications are highly desirable
5+ years in information security
Ability to produce clean, concise diagrams and documentation
Skill Sets Preferred:
Experience in network protocol analysis, log analysis, perimeter security technologies
Experience with Microsoft Security solutions, Qualys, Splunk, CrowdStrike, Palo Alto, and Cisco firewalls