Sr. Cyber Defense Analyst

Senior Cyber Defense Analyst

6 Month - Contract to Hire (W2)

Denver, CO (Onsite)

Job Duties and Responsibilities:

The main focus of the Cybersecurity Specialist is to identify, analyze, contain and eradicate threats on enterprise systems and infrastructure. The Cybersecurity Specialist will serve as subject-matter expert (SME) providing direct support to the frontline Cybersecurity Analysts. The Cybersecurity Specialist will also continuously and collaboratively improve processes, procedures, and training, for new technologies and defensive security techniques. The candidate must have a curious investigative mind, a passion for information security, and the ability to communicate complex ideas to varied audiences.

Key Responsibilities:

Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities

Use cyber defense tools for continuous monitoring and analysis to identify anomalies and malicious activity

Support and mentor the frontline Cybersecurity Analyst staff

Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment

Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on systems and information

Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack

Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)

Perform cyber defense trend analysis and reporting

Coordinate with enterprise-wide cyber defense staff to validate alerts and harden the enterprise with preventative controls

Provide daily summary reports of events and activity relevant to cyber defense practices

Develop and analyze dashboards and reports to identify potential threats

Develop monitoring and handling processes as new alert and event types are implemented

Prepare technical reports for executive audiences with regard to incident response activities and learnings

Required Skills and Qualifications:

4 years experience in Security Operations

Experience with cybersecurity investigations

Experience with various security technologies (SIEM, SOAR, UEBA, EDR, IDS/IPS, etc.)

Preferred Skills:

Experience with digital forensic analysis

Experience with cyber threat intelligence

One or more of the following certifications are strongly desired:

CompTIA Network

CompTIA Security

AWS Certified Security - Specialty

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

GIAC Certified Detection Analyst (GCDA)

Skills to look for:

Have responded to alerts

Have experience running security investigations

Have SIEM, SOAR, EDR, firewall/ids/ips understanding, log aggregation tools, log analysis, digital forensics, Cloud Security, App security, alert development/tuning, threat detection (UEBA), threat hunting/intel, DLP

Nice to have: Scripting, Python