Associate Cyber Security Analyst

American Technology Services (ATS) is a Managed Services and Managed Security Services Provider providing unparalleled Information Technology services to businesses, organizations, and government agencies. For over 28 years, ATS has been helping organizations manage risk, align IT with the needs of the business, and gain efficiencies through new and innovative technology solutions.

Roles and responsibilities:

• Must have a basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, Incident Management, or Risk & Compliance
• Assist in the development of incident response plans, workflows, and SOPs and provide feedback.
• Be willing and eager to learn from your lead to fully understand the environment, processes, etc.
• Strong logical/critical thinking abilities, especially in analyzing security events (windows event logs, AV logs, network traffic, IDS/IPS events, firewall logs for malicious intent).
• Assist in vulnerability scan analysis and data gathering.
• Ability to provide feedback on rules, filters, views, signatures, countermeasures, and operationally relevant applications and scripts to continuously enhance detection efforts.
• Participate in incident investigations and responses involving advanced or complex threats.
• Have the ability to follow detailed incident response workflows, participate in critical security incident response investigations, and work with Sr. SOC personnel to follow an Incident Response plan.
• Research and leverage cybersecurity intelligence sources to improve SOC incident detection and response capabilities.
  • Experience collaborating with peers and other teams to identify improvements and identify areas for tuning use cases or signatures to enhance monitoring value
  • Ability to work with the SOC team and leadership during cyber monitoring, hunting, and incident response investigations is required.

Basic Qualifications:

• Bachelor’s degree in Cyber Security or equivalent certification.
• At least 1 year of experience in incident analysis, security architecture, malware research, SOC, or any other similar incident response experience.
• At least 1 year of experience with Security Information and Event Monitoring (SIEM) platforms or log management systems that perform log collection, analysis, correlation, and alerting.
• Required flexibility to work nights, weekends, and/or holiday shifts in the event of an incident response emergency.

Preferred Qualification:

• 2 + years of experience with Microsoft Windows systems including active directory.
• 2 + Years of experience with Unix systems.
• 2 + Years of experience with network devices such as firewalls, switches, and routers.
• 2 + Years of experience with Jira ticketing system
• 2 + years of experience inspecting log files, network packets, and other security tool information outputs from multiple system types.

All your information will be kept confidential according to EEO guidelines.