Job
Description
Security Analyst Job Summary The Security Analyst will perform initial triage and investigation activities, gather relevant data and escalate alerts for additional action, if necessary. Additionally, this role will investigate phishing emails detected by security tools or reported to the Security Team from users. The analyst will investigate the email contents and take corrective actions as needed. Duties & Responsibilities Triage alerts originating from security tools, such as intrusion detection/prevention systems, security information and event management (SIEM), firewalls and host based security systems Conduct log based and endpoint based threat detection to detect and protect against threats coming from multiple sources Investigate reported phishing emails, malicious files / URLs and take appropriate action Assist with incident tracking and documentation Stay current on emerging threats and vulnerabilities to aid in the identification of incidents Provide users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary Perform security standards testing against IT Assets before implementation to ensure security Validate people, processes, and technology comply with IT policies Experience & Education Requirements 4 7 years of relevant experience in Information Security Awareness of Information Security, compliance, and/or other security standard methodologies and principles, such as NIST/SANS, MITRE ATT&CK, and CIS Controls Familiarity with security data analysis, including UEBA, using analytic tools and other query language In depth knowledge of networking, client / server operations, packet analysis Experience leveraging SIEMs to investigate and respond to alerts Understanding of Cyber Kill Chain and associated APT methodologies Phishing analysis response experience, to include:email header review, open source tools, and attack vector analysis Malware analysis of attachments, to include:Sandboxing, open source tools, isolated environments. Preferred Requirements Security certifications, i.e., CompTia, CEH, GIAC, Offensive Security, etc. Hands on experience in Incident Response Monitoring, Forensics, or related specialty. Skills & Abilities Ability to work collaboratively across multiple teams Strong communication skills to effectively convey technical data to non technical audiences Dedicated work ethic Strong work prioritization and planning skills Strong troubleshooting and problem solving skills Should be able to support 24*7 rotational shifts
