IT Security Analyst I

Posted: 2 weeks ago

*** US citizen only ***
*** This is contract-to-hire position ***
*** is seeking a SOC Cyber Analyst. This is an entry to mid-level position in Cyber Security, targeted toward individuals with 2-5 years of experience. Educational and personal experience with network/systems administration and/or information security related work is necessary.

Responsibilities:

SOC Analysts are responsible for monitoring and maintaining systems used in our internal security program. This includes the following of procedures to triage and investigate security alerts, and escalate issues as necessary. SOC Analysts have opportunities for mentorship from more senior members of the team, and involvement with maturing procedures, evaluating new security technologies, incident response, penetration testing, and the freedom to try out new ideas and technologies to improve the SOC.

" Performs network security monitoring, security event triage, and incident response for a mid-size organization, coordinates with other team members, management to document and report incidents
" He/she will be part of rotating SOC shifts supporting 24/7 coverage. Nights and weekends can possibly be performed remotely after sufficient training and familiarization.
" Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems
" Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation
" Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules
" Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets
" Evaluates firewall change requests and assess organizational risk
" Work closely with customers for the configuration of new software applications through various firewall platforms
" Take on Security Operations responsibilities when not on a SOC shift: This includes but is not limited to vulnerability scanning and patch management, access control governance and oversight, exceptions tracking, security tool management, tuning, and configuration, along with metrics and reporting.
" Be a primary for or support ongoing projects by assisting in the implementation, testing and documentation of security related projects

Experience with the following technologies should be referenced by applicants with details about software/hardware versions where relevant:

OS Skills:
" Intermediate to advanced skills in Windows, Linux, and/or OSX

Scripting Skills:
" Experience with any of the following is a plus: Unix Shell scripts, Perl,Python, Powershell, C#

Technology Experience:
" Firewalls (e.g. PaloAlto Networks, Checkpoint, Cisco ASA, Juniper SSG,PFSense, etc..)
" Log Management and SIEM (e.g. Splunk, IBM QRadar, Client ArcSight)
" Network Analysis Tools (e.g. Netwitness, Wireshark)
" System Analysis and Forensic Tools (e.g. FTK, EnCase)
" Endpoint Security (e.g. Carbon Black Enterprise Protection, Carbon BlackEnterprise Response, Symantec, McAfee, Forefront)
" Windows Management (e.g. WSUS, SCCM, SCOM, Active Directory, Group Policy Objects,)
" Vulnerability Management (e.g. Nexpose, Tenable Nessus, Qualys)
" Penetration Testing Tools (e.g. Metasploit, Backtrack, Kali)
" Operating Systems (e.g. Windows Server 2008/2012, CentOS Linux, OSX)
" Enterprise Microsoft Solutions (e.g. Exchange, Sharepoint, Lync)
" Regulatory Regimes (e.g. ISO27K, SSAE16, HIPPA, PCI, FISMA)
" Video Surveillance and Physical Access Control Systems
" Various Open-Source security and networking tools (MRTG, SysInternals, Nagios)

Preferences:

" BS/BA degree in Computer Science, Information Systems, or related discipline or equivalent experience
" 2 5 years of professional work experience in the security field
" The ideal candidate will have Linux OS and scripting skills. OSX and Windows skills are a plus
" Strong analytical skills to define risk, identify potential threats, and develop action/mitigation plan
" Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats
" Certifications a Plus: CISSP, SAN GIAC Certifications (GCIH, GPEN, GSEC, etc.)
" Other continuous education and training in the security field a plus
" Strong written and verbal communications skills with an ability to present technical risks and issues to non-technical audiences