Job Description

Job Description

Job Description

3210666

** U.S. Citizens **

Top Three Skills:

1.) 3+ years Experience working with SIEM tools (Splunk preferred but not a must have)
2.) Experience working with Endpoint Protection tools (Tanium a plus but not a must have)
3.) Someone who has knowledge of troubleshooting infrastructure either as a systems or network admin. 

Responsibilities: 
The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats. 

Principal Responsibilities:

• Analyze and investigate ticketed events using various logs including firewalls, IDS/IPS, proxies, servers, endpoints and other network devices in an enterprise security information and event monitoring (SIEM).

• Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.

• Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.

• Rotational, after-hours operational support (on-call)
• Perform other duties as assigned

Experience/Qualifications:
• Minimum 3 years working in Security Operations or Incident Response required.
• Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
• Capability to think and operate independently and in a team environment with minimal supervision
• Proactive and results driven mindset
• Strong process orientation and ability to develop and follow standard work; attention to detail
• Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
• Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas:

• Splunk or other SIEM.
• Network analysis using tcpdump, Wireshark or other packet capture/inspection tools 
• Searching, interpreting and working with data from enterprise logging systems including syslog, netflow and SIEM/SEIM platforms
• Scripting languages such as Python and PowerShell
• Malware sandboxes
• Windows, macOS, and Linux operating systems
• Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
• Systems or network architecture
• Collection and management of threat intelligence
• Host based forensics using EnCase, FTK or other digital forensics tools

Education:
Bachelor or Master’s degree in Computer Science/Engineering, Information Systems or related field with a minimum of 5 years experience.

Job Tags

Similar Jobs