As a Security Analyst on the Information Security Operations team, you will be tasked with building a pipeline of security system logs that consistently supports generating high-quality, actionable threat detections across the company. This will be done in conjunction with a Managed Detection and Response (MDR) vendor, who will help monitor our environment on a 24/7 basis.
Contribute to the development and improvement of Security Monitoring processes and tools. This will involve staying abreast of the latest security technologies and trends and recommending improvements to existing security infrastructure.
Proactive Threat Monitoring: Monitor network traffic, system logs, and security alerts to identify potential threats and anomalies. This will involve utilizing various security information and event management (SIEM) tools, intrusion detection systems (IDS), and other security monitoring technologies.
Develop and refine detection rules and signatures to improve the efficiency and effectiveness of threat detection systems. This will involve staying abreast of the latest threat intelligence and attack techniques.
Analyze security events to verify and assess the initial scope, impact, and root cause of security alerts. This will require in-depth knowledge of network protocols, authentication mechanisms, operating systems, and common attack vectors.
Identify processes that can be automated and orchestrated to ensure maximum efficiency of operational resources, reducing manual, repetitive tasks where possible.
Exhibit hands-on experience with security monitoring and incident response tools and technologies, including SIEM platforms, intrusion detection systems, and endpoint detection and response (EDR) solutions.
BA/BS in Engineering, Computer Science, Information Security, or Information Systems; related work experience; or proven, demonstrable experience or skills in cybersecurity via Capture the Flag competitions or games, hacking platforms, or home labs.
Typically requires 3-5 years of hands-on experience in a similar security role.
Excellent investigative skills with the ability to think like an adversary.
Strong problem-solving and troubleshooting skills.
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
Self-motivated, possessing a high sense of urgency and personal integrity.
High ethical standards and values.
Able to define and refine operational procedures, workflows, and processes to support the team in consistently executing monitoring and detection with quality.
Good understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including but not limited to MITRE ATT&CK, OWASP, the ISO 2700x series, PCI DSS, and NIST standards.
Strong communication and interpersonal skills, with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
Demonstrate proficiency in scripting languages (e.g. Python, PowerShell, Bash) for automating security tasks and analyzing data.
Possess a working knowledge of network infrastructure and communication protocols, including TCP/IP, DNS, and HTTP.
Experience working with cloud security platforms (e.g. AWS, Azure, GCP) would be highly desired.
Relevant cybersecurity certifications (e.g. Security+, GSEC, etc.) are valued.
Knowledge of threat intelligence platforms and techniques is beneficial.
Will be required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.
Required Experience:
IC
Full Time