Job Description
3210666
U.S. Citizens
Top Three Skills :
1.) 3+ years' experience working with SIEM tools (Splunk preferred but not a must-have)
2.) Experience working with endpoint protection tools (Tanium a plus but not a must-have)
3.) Experience troubleshooting infrastructure as a systems or network administrator.
Responsibilities :
The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats.
Principal Responsibilities :
- Analyze and investigate ticketed events using logs from firewalls, IDS / IPS, proxies, servers, endpoints and other network devices, correlated in an enterprise security information and event management (SIEM) platform.
- Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.
- Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.
- Rotational, after-hours operational support (on-call)
- Perform other duties as assigned
Experience / Qualifications :
- Minimum 3 years working in Security Operations or Incident Response required.
- Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
- Capability to think and operate independently and in a team environment with minimal supervision
- Proactive and results driven mindset
- Strong process orientation and ability to develop and follow standard work; attention to detail
- Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
- Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas :
- Splunk or other SIEM.
- Network analysis using tcpdump, Wireshark or other packet capture / inspection tools
- Searching, interpreting and working with data from enterprise logging systems including syslog, NetFlow and SIEM platforms
- Scripting languages such as Python and PowerShell
- Malware sandboxes
- Windows, macOS, and Linux operating systems
- Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
- Systems or network architecture
- Collection and management of threat intelligence
- Host based forensics using EnCase, FTK or other digital forensics tools
Education :
Bachelor's or Master's degree in Computer Science / Engineering, Information Systems or a related field, with a minimum of 5 years of experience.