Associate Cyber Security Analyst

Roles and responsibilities:

• Must have a basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, Incident Management, or Risk & Compliance
• Assist in the development of incident response plans, workflows, and SOPs and provide feedback.
• Be willing and eager to learn from your lead to fully understand the environment, processes, etc. 
• Strong logical/critical thinking abilities, especially in analyzing security events (windows event logs, AV logs, network traffic, IDS/IPS events, firewall logs for malicious intent).
• Assist in vulnerability scan analysis and data gathering.
• Ability to provide feedback on rules, filters, views, signatures, countermeasures, and operationally relevant applications and scripts to continuously enhance detection efforts.
• Participate in incident investigations and responses involving advanced or complex threats.
• Have the ability to follow detailed incident response workflows, participate in critical security incident response investigations, and work with Sr. SOC personnel to follow an Incident Response plan.
• Research and leverage cybersecurity intelligence sources to improve SOC incident detection and response capabilities.

• Experience collaborating with peers and other teams to identify improvements and identify areas for tuning use cases or signatures to enhance monitoring value
• Ability to work with the SOC team and leadership during cyber monitoring, hunting, and incident response investigations is required.

• Basic Qualifications:

  • Bachelor’s degree in Cyber Security or equivalent certification.
  • At least 1 year of experience in incident analysis, security architecture, malware research, SOC, or any other similar incident response experience.
  • At least 1 year of experience with Security Information and Event Monitoring (SIEM) platforms or log management systems that perform log collection, analysis, correlation, and alerting.
  • Required flexibility to work nights, weekends, and/or holiday shifts in the event of an incident response emergency.

  Preferred Qualification:

  • 2 + years of experience with Microsoft Windows systems including active directory.
  • 2 + Years of experience with Unix systems.
  • 2 + Years of experience with network devices such as firewalls, switches, and routers.
  • 2 + Years of experience with Jira ticketing system
  2 + years of experience inspecting log files, network packets, and other security tool information outputs from multiple system types