Job Title: Cyber Security Operations Analyst
Duration: 10 months (may be renewed)
Location: Boston, MA (Hybrid)
Work Hours: 37.5 hr / week
A leading organization is actively hiring a Cyber Security Operations Analyst! Join a great team of cyber security professionals and help protect the confidentiality, integrity, and availability of digital information and systems.
Cyber Security Operations is a key pillar of the Information Security program, responsible for the deployment and tuning of security tools, threat-hunting, and Cyber Incident Response.
The Cyber Security Operations Analyst will be a member of a 4-person team, reporting to the Director of Cyber Security Operations, and will work closely with the Chief Information Security Officer (CISO).
The ideal candidate is a self-starter with a passion for cyber threat hunting, can collaborate well with a small team, and demonstrates strong written and verbal communication skills.
Duties and Responsibilities:
Security Operations Response and Reporting:
- Review and respond to Security Operations Center alerts.
- Manage Endpoint Detection and Response (EDR) and identity alerts, responding to ServiceNow tickets.
- Analyze daily and system-generated reports, along with threat feeds for issues or relevance.
Splunk SIEM Logs Review and Improvement:
- Configure alerts to address gaps in proactive and responsive measures.
- Maintain a query repository for regular tasks and improve dashboard visibility across sources.
- Ensure data hygiene and compliance of ingested data with the Splunk Common Information Model (CIM) data model.
Threat Detection & Incident Response:
- Conduct threat hunting, tracking common tactics, techniques, Indicators of Compromise (IOCs), and applying necessary measures for detected threats.
- Utilize custom Indicators of Attack (IOAs) and EDR SOAR workflows for automated response and remediation.
- Monitor web proxy and firewall traffic to address abnormal activity.
Monitoring & Visibility Recommendations:
- Develop metrics dashboards for security tools.
- Enhance visibility across firewall and web proxy logs.
- Recommend security improvements, including hardening and content blocking.
- Audit the deployment of security controls and ensure compliance with policies and standards.
- Document and maintain logs of policy violations.
Vulnerability Assessment Responsibilities:
- Conduct vulnerability assessments of infrastructure and applications, documenting identified gaps and risks.
- Communicate risks and vulnerabilities to customers.
- Perform continuous monitoring to analyze the security posture of infrastructure and applications.
- Manage and address events in the Security Information and Event Management (SIEM) system.
Additional Responsibilities:
- Stay updated on security best practices, industry standards, and regulatory changes.
- Develop security solutions based on business needs and regulatory requirements.
- Assist with inquiries from customers, vendors, and colleagues in a courteous and professional manner.
- Provide on-call support as necessary.
- Offer deskside support when gathering evidence for investigations or advising on safe computing practices.
- Contribute to the continuous improvement of the information security program.
Required:
- 2+ years of training or experience in IT Operations and cyber security operations.
- Strong work ethic, excellent time management, and team collaboration skills.
- Effective verbal and written communication skills.
- Authorization to work indefinitely in the U.S.
Qualifications:
- Bachelor's degree or equivalent in Cyber / Information Security.
- Industry certifications such as CISSP.
- Previous experience on a Cyber Security Operations team in a large organization.
This is a fantastic opportunity to work with a dynamic team and contribute to the strengthening of cyber security operations.