Security Analyst

Job Summary

The Security Analyst will prepare and defend our networks, data and systems (on-premise and in the cloud) from attack. They will use an understanding of tactics, techniques, and procedures used by attackers and apply that knowledge to assist in the investigation of cyber-attacks in order to ensure steps are taken to mitigate the threat and help the team to track all security incidents to closure. The Security Analyst will work on activities such as incident response, logging/monitoring support, application security, configuration reviews, and configuration and maintenance of various security controls, both on premise and on cloud infrastructure. They will assist on creating and revising information security standards and policies as well as create and produce applicable metrics.

Responsibilities

Participate in vulnerability management related activities including the identification, prioritization and directing the remediation of security related vulnerabilities.

Design, develop, implement, and maintain security documentation.

Document all tickets and alerts worked on in the required SLA.

Monitor and respond to SIEM alerts.

Participate in rotational on-call responsibilities.

Education and Experience

1-3 years of related security experience

Deep understanding of cyber incident response processes and procedures.

Familiarity with network forensics including PCAP analysis, network security, and IDS/IPS analysis.

Understanding of Cyber Threat Intelligence and Cyber Security Awareness concepts.

In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems.

Knowledgeable with various security infrastructure tools such as intrusion prevention/detection systems, anti-virus/endpoint detection and response, proxy servers, email controls, and SIEM.

Ability to work as part of a team, show initiative and take on new tasks as assigned.

Ability to perform risk analysis and communicate that risk to others.

General understanding of AWS, Azure, and/or Google Cloud.

Experience in a 24x7 global enterprise, preferably in the financial industry.

SANS GIAC (GSEC, GCIA, GCIH, GCFA, etc.), CISSP, CEH, Security+, or similar information security certifications.

Scripting experience, preferably Python and/or PowerShell.

SIEM knowledge and experience.

General system and/or network administration experience.

Cloud Security Experience (AWS and Azure).

Bachelor’s degree in related field of study, preferred.

Security+ or other technical certifications, preferred.

#LI-ZP1