RESPONSIBILITIES
- Analyze potential infrastructure security incidents to determine whether an incident qualifies as a legitimate security breach.
- Monitor and correlate security event log information to identify and detect anomalous activity.
- Document and follow processes for security monitoring, patching, and incident response.
- Apply current tooling and techniques to hunt for unknown threats in the environment.
- Appropriately inform and advise management on incidents and incident prevention.
- Participate in knowledge sharing with other analysts and contribute to solutions efficiently.
- Improve security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
- Enhance the department's and organization's reputation by delivering quality results and exploring opportunities to increase value and raise awareness of the Information Security Program.
REQUIREMENTS
- 4+ years of experience in Security Operations
- Experience with Security Information and Event Management (SIEM) including event analysis, alert generation, investigations, and reporting.
- Experience investigating security incidents using a range of security tools, including EDR platforms such as Carbon Black or CrowdStrike.
- Experience with vulnerability analysis and reporting using vulnerability management software such as Rapid7, Nessus, or Qualys.
- Programming and scripting skills in languages such as PowerShell, VBScript, or Python.
- Bachelor's degree or higher in Cyber Security, Information Systems, or another security-related subject is preferred.
- CISSP, CISA, CEH, ECSA, or another security-focused certification is preferred.