Job Details

ID #5338302
State Georgia
City Atlanta
Job type Permanent
Salary USD TBD TBD
Source Apex Systems
Shown 2020-10-30
Date 2020-10-29
Deadline 2020-12-27
Category Security

Threat Analyst

Georgia, Atlanta, 30301 Atlanta USA

Vacancy expired!

Threat Analyst

Location: Atlanta, GA

Compensation: Commensurate with Experience

MUST BE ABLE TO WORK SHIFTS WED - SAT 12-10pm

Responsibilities

  • Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
  • Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
  • Remain abreast of emerging threat patterns and provide recommendations to detect threats
  • Assists with patching recommendations and workarounds for zero-day threats.
  • Coordinate mitigation or remediation tasks with stakeholders or supporting teams
  • Communicates with management on incident updates.
  • Monitors SIEM and analyzes security events to determine appropriate actions
  • Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
  • Identify and tune false positives associated with current security events
  • Document analytical steps and findings associated with security event investigations
OR (for Senior Analyst all the above including)
  • Escalation resource for other Cyber Security Analysts
  • Represents Security Operations Center at internal/external meetings
  • Develop use cases to increase visibility across company threat landscape
  • Draft processes and procedures associated with daily operations
Qualifications Required for Cyber Security Analyst
  • 2 years IT security experience
  • Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
  • Minimum 2 years of experience and/or familiarity in the following areas:
      o Network/Endpoint analysis tools
      o Scripting languages
      o Windows/Unix command line utilities
      o Reputation analysis associated with IPs, Domains, Email Addresses
      o Ticketing Systems
  • Required to submit to a background examination.
  • Experience operating within a security application such as Kali, Metasploit, etc.
(for Senior Analyst consideration) all the above qualifications including:
  • 2 years Security Operations Center experience
  • Exposure investigating security events associated with cloud applications
  • Developed and tuned use cases for alerting in a SIEM
  • Experience drafting Security Analyst procedures
  • Experience working with an Incident Response team during a Cyber Security event/incident
  • Familiar with and have worked within Cyber Security Frameworks such as:
      o NIST 800-61
      o Attack Life Cycle
      o SANS Security Controls
      o MITRE
  • SANS Security 500 Series or other industry standard equivalent
  • Experience with PCAP analysis
  • Experience investigating endpoint and network security events
  • Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments)
  • Experience analyzing security events utilizing sandbox technology
  • Experience operating within a security application such as Kali, Metasploit, etc.
  • Oral and written communication skills
  • Experience taking ownership of incidents from acknowledgement to resolution
  • Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
  • Experience initiating security event investigations
Preferred capabilities:
  • Oral and written communication skills
  • Ability to take ownership of incidents from acknowledgement to resolution
  • Ability to initiate security event investigations
  • Ability to comprehend and articulate business impact associated with security events
  • Interacting with vendors to support proof of concepts
  • Proficient in Microsoft Office products: Excel, Word, Outlook, etc.
  • Exposure, experience and/or knowledge of cloud technology
  • Familiar with NIST 800-61 and SANS Critical Security Controls
  • Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
Desired certifications:
  • GIAC Security Essentials (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Security+
  • Other certifications within IT Security

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or
