Vacancy expired!
Threat Analyst
Location: Atlanta, Ga
Compensation: Commensurate with Experience
MUST BE ABLE TO WORK SHIFTS WED - SAT 12-10pm
Responsibilities
- Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
- Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
- Remain abreast of emerging threat patterns and provide recommendations to detect threats
- Assists with patching recommendations and workarounds for zero-day threats.
- Coordinate mitigation or remediation tasks with stakeholders or supporting teams
- Communicates with management on incident updates.
- Monitors SIEM and analyzes security events to determine appropriate actions
- Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
- Identify and tune false positives associated with current security events
- Document analytical steps and findings associated with security event investigations
- Escalation resource for other Cyber Security Analysts
- Represents Security Operations Center at internal/external meetings
- Develop use cases to increase visibility across company threat landscape
- Draft processes and procedures associated with daily operations
- 2 years IT security experience
- Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
- Minimum 2 years of experience and/or familiarity in the following areas:
  - Network/Endpoint analysis tools
  - Scripting languages
  - Windows/Unix command line utilities
  - Reputation analysis associated with IPs, Domains, Email Addresses
  - Ticketing Systems
- Required to submit to a background examination.
- Experience operating within a security application such as Kali, Metasploit, etc.
- 2 years Security Operations Center experience
- Exposure investigating security events associated with cloud applications
- Developed and tuned use cases for alerting in a SIEM
- Experience drafting Security Analyst procedures
- Experience working with an Incident Response team during a Cyber Security event/incident
- Oral and written communication skills
- Ability to take ownership of incidents from acknowledgement to resolution
- Ability to initiate security event investigations
- Ability to comprehend and articulate business impact associated with security events
- Interacting with vendors to support proof of concepts
- Proficient in Microsoft Office products: Excel, Word, Outlook, etc.
- Exposure, experience and/or knowledge of cloud technology
- Familiar with NIST 800-61 and SANS Critical Security Controls
- Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
- GIAC Security Essentials (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- Security+
- Other certifications within IT Security