Job Description
Job Description
3210666
U.S. Citizens
Top Three Skills :
1.) 3+ years Experience working with SIEM tools (Splunk preferred but not a must have)
2.) Experience working with Endpoint Protection tools (Tanium a plus but not a must have)
3.) Someone who has knowledge of troubleshooting infrastructure either as a systems or network admin.
Responsibilities :
The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats.
Principal Responsibilities :
- Analyze and investigate ticketed events using various logs including firewalls, IDS / IPS, proxies, servers, endpoints and other network devices in an enterprise security information and event monitoring (SIEM).
- Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.
- Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.
- Rotational, after-hours operational support (on-call)
- Perform other duties as assigned
Experience / Qualifications :
- Minimum 3 years working in Security Operations or Incident Response required.
- Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
- Capability to think and operate independently and in a team environment with minimal supervision
- Proactive and results driven mindset
- Strong process orientation and ability to develop and follow standard work; attention to detail
- Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
- Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas :
- Splunk or other SIEM.
- Network analysis using tcpdump, Wireshark or other packet capture / inspection tools
- Searching, interpreting and working with data from enterprise logging systems including syslog, netflow and SIEM / SEIM platforms
- Scripting languages such as Python and PowerShell
- Malware sandboxes
- Windows, macOS, and Linux operating systems
- Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
- Systems or network architecture
- Collection and management of threat intelligence
- Host based forensics using EnCase, FTK or other digital forensics tools
Education :
Bachelor or Master’s degree in Computer Science / Engineering, Information Systems or related field with a minimum of 5 years experience.
Senior Cyber Security Analyst
A company is looking for a Senior Cyber Security Analyst to join their Information Security team. ...
Cyber Security Analyst GRC
The Cybersecurity Regulatory and Compliance Lead will be responsible for facilitating compliance with our global regulations, including developing, implementing, and managing the organizations Cybersecurity compliance programs. Gen Re is seeking a highly skilled Cybersecurity Regulatory and Complian...
Cyber Security Analyst
The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats. Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations. Analyze and investigate ticketed events usin...
Cyber Security Operations Center (CSOC) Analyst
Provide Cyber Security/Threat Hunting expertise and deep analysis of raw data from assets supporting Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services. Cyber Security Operations Center (CSOC) Analyst. HOW A CYBER SECURITY ANALYST ADVISOR WILL MAKE AN IMP...
Senior Security Operations Analyst
A company is looking for a Senior Security Operations Analyst to join their team remotely. CompTIA Security+, Certified SOC Analyst) are a plus. ...
Information Security Engineer
Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender ( GCED ). The Information Security Engineer will be resp...
Security Engineer
An enterprise company is looking for a Security Engineer to join their team in Central Connecticut. On a day to day basis, this Security Engineer would perform 50% reactive work, including responding to incidents and repairs and 50% of proactive work, which would include road mapping and finding bes...
Security Operations Center Analyst
The Global Security Operations Center Analyst will be responsible for managing client data, international travel itineraries, global beacon tracking devices, security operations requests, worldwide intelligence gathering, analysis and presentation, and assisting clients under duress traveling. The G...
Senior Security Data Engineer
SIEM Architect, Security Data Engineer, Security Engineer, Technical Program Manager) or a combination of software engineering and cybersecurity. Collaborate with engineering teams, detection engineers, Security Operations, and Incident Response to enhance security telemetry and logging for the thre...
Sr. IT Compliance Analyst
IT Compliance Analyst will be responsible for managing IT-related audits and examinations with groups internal and external to SHI. Analyst will serve as a subject matter expert in the areas of security controls and security risks throughout the organization. The candidate chosen will be a key membe...