Cyber Security Analyst

Job Title

Cyber Security Analyst

Job Duration

12 Months

Location

Boca Raton FL Hybrid

Job Description:

Note 10 Years experience.

MUST come onsite 3 days a week in the Boca Raton FL area.

Job Description:

Serve as technical escalation resource for Tier I/II Analysts/Engineers
Investigate and document events to aid incident responders managers and other Security Operations team members on security issues and the emergence of new threats.
Analyze attacker tactics techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and enduser systems.
Create and maintain data security documentation policies and procedures.
Plan and execute regular incident response and postmortem exercises with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Evaluate current Security Operations standards and procedures and update or author new content as required.
Leverage a deep understanding of current and evolving security threats and threat detection solutions as well as contribute to the companys threat and vulnerability research and IT security strategy and roadmap.
Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.)
Seek opportunities to drive efficiencies and collaborate with other technology teams (e.g. NOC Service Desk)
Partner with the security engineering team to improve tool usage and workflow
Partner with MDR and internal teams to mature monitoring and response capabilities.
Adhere to service level agreements (SLAs) metrics and business scorecard obligations for ticket handling of security incidents and events.
Leverage knowledge of security on multiple platforms and disciplines (Windows Unix Linux data loss prevention (DLP) endpoint controls databases wireless security and data networking)
On major incidents acts as incident commander and primary point of contact.
As a senior member of the team monitor and process responses for security events on a 24x7 basis. (Periodic oncall shift coverage)
Perform other related duties as assigned.

Qualifications/Requirements:

Bachelors degree in Information Technology/Security or 10 years of progressive experience in the IT / Information Security space required.
Excellent Project management skills including ability to create and maintain security project plans schedules metrics and progress reports/presentations.
Experience working with change management principles and operations.
General knowledge and understanding of information security and privacyrelated regulations.
Ability to plan organize and prioritize a varied workload.
Experience driving measurable improvement in monitoring and response capabilities at scale.
Knowledge of a variety of Internet protocols
Critical thinking skills and the ability to solve problems as they arise
Ability to work effectively with technical and nontechnical personnel in a crossfunctional setting.
Ability to relate security principles and processes to business and other departments.
Proficient knowledge of the Microsoft Office suite required.
Strong written and verbal communication skills required.

Desired Skills:
Experience working with various SIEM systems threat intelligence platforms security automation and orchestration solutions intrusion detection and prevention systems (IDS/IPS) file integrity monitoring (FIM) DLP and other network and system monitoring tools.
Moderate to Advanced knowledge in the following areas: Event analysis leveraging SIEM tools log parsing and analysis skill set networking fundamentals current threat landscape malware operation and indicators penetration techniques DDoS mitigation techniques IDS/IPS systems Windows and Unix or Linux Firewall and Proxy technology Data Loss Prevention monitoring scripting analysis experience and audit requirements (PCI HIPPA SOX etc.)
Extensive experience in Incident Response Incident Handling and Security Operations
Experience in digital forensics preferred to include processes and procedures for collecting and preserving digital evidence data acquisition and forensic analysis of data
Ability to conduct multistep breach and investigative analysis to trace the dynamic activities associated with advanced threats
Perform investigation and escalation for complex or high severity security threats or incidents
Advanced knowledge and expertise in the use of SIEM technologies for event investigation
Assist in defining and driving strategic initiatives
Coordinate evidence/data gathering and documentation and review Security Incident reports