Senior Cyber Security Threat Analyst

Hatch IT
Reston, VA, US
Full-time

About the role:

Neovera is seeking a seasoned Senior Cyber Security Threat Analyst to perform threat intelligence client services, research, security automation, and mentoring of SOC Analysts in our MSSP business.

The senior level threat analyst will report directly to the Senior Vice President of Cyber Security Services.

The senior threat analyst will triage and analyze security alerts and events from Neovera’s MSSP platform with other SOC Analysts and engineers.

You will be responsible for analyzing, identifying and eliminating customer security alerts. You will need good analytical skills, good written and verbal communication skills, and strong technical skills.

In addition, we are looking for the senior level threat analyst to work on automating our SecOps processes and procedures.

Examples of ongoing automation tasks you will perform are listed below.

  • Writing security alert rules for our SIEM and logging tools
  • Building integrations with our SIEM tools, 3rd-party security tools, and service management tools to streamline the incident-to-resolution and remediation processes
  • Build Sentinel Workbooks, Playbooks & Logic Apps

The senior threat analyst will also perform Neovera global threat research and coordinate with other threat exchange labs around the globe to continue to build threat intelligence and correlation directives into our Cyber Security solution.

About the Company:

At Neovera we use a combination of commercial and open-source tools to solve our clients’ problems. Are you looking to be technically challenged and to work with other highly technical engineers, analysts, and architects without the red tape?

Then you have found the right place at Neovera.

Benefits:

The overall well-being of our employees and their families is important, and Neovera provides many valuable benefits, programs and tools to help manage the various phases, developments, and priorities in your life, which include:

  • Medical and dental insurance coverage
  • FSA: health and dependent care expenses
  • Telecommuting and work-life balance
  • Life insurance
  • Short and long-term disability insurance
  • Generous paid time off (vacation, sick, floating holidays)
  • 401(k) retirement plan
  • Competitive base salary

Essential Duties and Responsibilities:

  • Lead and manage the cyber security threat analysts
  • Provide first and second level technical resolution for security alerts and SOC service requests in coordination with SOC Analysts
  • Engage with clients around our SOC services and Cyber Security Monitoring solution
  • Continuously look to streamline and reduce costs via improving processes and security automation
  • Mentor SOC Analyst team members
  • Continuous Global Threat research to add intelligence and correlation directives to our Cyber Security SIEM solution
  • Work with our Cyber Security partners on integrating their feeds/logs into our systems, especially our partner threat intelligence exchange
  • Log and record all alerts with integrated ticketing
  • Identify weaknesses in customer infrastructures and suggest improvements
  • Technical and analytical skills to handle security incidents and threats
  • Resolve or escalate incidents
  • Provide timely and reliable service to customers
  • Stay informed about the latest vulnerabilities, exploits and other threat information
  • Operation of the Security Monitoring and ticketing systems platform
  • Integrate customer environments
  • Mentor and train customers in using and operating the client portal portions of the security monitoring and ticketing system platform
  • Document solutions, processes, or procedures and present them in writing, verbally by phone, or in person

Qualifications:

  • 10-15 years of information security experience
  • 5+ years of experience doing IT Security automation with scripting and/or programming languages
  • 24x7 SOC experience working with or for a MSSP is highly desirable
  • Security experience with Microsoft Azure environments and security tools such as Microsoft Sentinel, Security Center, Defender
  • Experience with Microsoft Azure automation tools such as Sentinel Playbooks and Logic Apps
  • Experience with Microsoft Kusto Query Language (KQL)
  • Experience using AT&T USM Central & Anywhere (formerly AlienVault)
  • Programming/shell scripting experience highly desirable (PowerShell, Python, Java, shell scripts, etc.)
  • Experience as a Linux and/or Windows System Administrator a plus
  • Experience as a Network Administrator a plus
  • Knowledge of configuring and implementing technical security solutions (Firewalls, NIDS, HIDS, OSSEC, SIEM, Antivirus, Antispam, etc.)
  • Curiosity and strong desire to constantly learn
  • Bachelor’s degree in Computer Science, Cyber Security, or equivalent demonstrated experience and knowledge.
  • Solid understanding of application, operating system, and networking security
  • Requirement for on-call work and working in a 24x7x365 environment
  • TCP/IP protocols such as SMTP, HTTP, POP3, IMAP
  • Command line interfaces
  • Linux user and administrator experience a plus
  • Keen ability to troubleshoot technical and security problems
