
IT Cyber Security Principal Analyst

1 Vacancy

Job Location: Chandler - USA

Monthly Salary: Not Disclosed

Job Description


HIGHLIGHTS
Location: Chandler, AZ 85224 (Hybrid)
Position Type: Direct Hire
Residency Status: US Citizen or Green Card Holder ONLY

Overview:

The IT Cyber Security Principal Analyst with our client is responsible for protecting the company's information systems and networks from cyber threats. Key duties include proactive threat hunting; monitoring, detecting, analyzing, and responding to security incidents; managing multi-vendor security tools; and implementing preventive measures. The role also involves developing security strategies to enhance the company's security posture and requires close collaboration with IT teams, management, and other stakeholders to maintain a robust and compliant cybersecurity framework.

Key Responsibilities:

  • Utilize the latest threat intelligence to detect emerging threats.
  • Enhance team efficiency by identifying tuning opportunities, creating automation playbooks, and optimizing technology use.
  • Review and provide technical advice on tuning recommendations to improve security posture.
  • Serve as an escalation point for process and technical advice.
  • Conduct quality audits on incident tickets to ensure compliance with processes.
  • Conduct detailed investigations of security alerts, including those escalated by Level 1/2 SOC Analysts.
  • Analyze technical details to determine whether an anomaly is a potential security threat.
  • Manage incidents and response processes, ensuring timely and accurate resolution.
  • Perform advanced analysis of incidents, evaluating their sophistication and potential impact.
  • Provide technical guidance to Level 1/2 Analysts to help resolve complex incidents.
  • Ensure the quality of reports and maintain high standards of accuracy in incident management.
  • Lead teams or sub-teams as needed.
  • Provide on-call support for high-priority or high-severity incidents.
  • Ensure balanced capacity and workforce for 24/7 SOC service delivery.
  • Assist in generating raw data for KPIs, submit calculations, record results, and recommend quality performance measures.
  • Deliver training to enhance the skills of new and existing team members.
  • Contribute to SOC playbooks and knowledge base with findings from investigations to inform future responses.

Requirements/Qualifications:
  • Bachelor's degree in Computer Science, Information Assurance, Information Security Systems, or a related field.
  • Minimum of 7 years of experience in a Cyber Security role in a medium to large business and/or previous MSP experience.
  • Highly desirable certifications: CompTIA Security+, CySA+, or similar credentials.
  • Relevant system and network certifications (e.g. A+, Network+, CCNA).

Technical Skills:
  • Understanding of network and endpoint security solutions, including firewalls, proxies, antivirus, and IDS/IPS concepts.
  • Proficient in networking protocols/technologies (e.g. TCP/IP, HTTP/HTTPS).
  • Experience with SIEM, UEBA, and EDR.
  • Proficiency in OSINT techniques and tools (e.g. Maltego, Shodan, SpiderFoot) for threat hunting.
  • Advanced knowledge of Unix, Linux, and Windows operating systems.
  • Experience with attack and penetration testing methodologies and vulnerability assessment tools (e.g. Metasploit, Burp Suite, Nmap, Nessus, Qualys).
  • Ability to build scripts, tools, or methodologies to enhance incident investigation and processes (e.g. Python, PowerShell, Wireshark).
  • Knowledgeable in web application security.
  • Possesses a strong understanding of AI applications in threat detection and response, with experience in leveraging AI and machine learning algorithms to enhance security measures and automate threat analysis. Emphasizes the importance of understanding fundamental principles and not relying solely on AI.

Investigation and Analysis Skills:
  • Advanced investigation techniques, including:
      • Network forensic acquisition and analysis (e.g. Wireshark, Packet Tracer, open-source tools).
      • Endpoint forensic acquisition and analysis (e.g. EnCase, X-Ways, Axiom, IEF, FTK).
      • Memory analysis.
      • Analysis of various security logs (e.g. endpoint security appliances, SIEM, Windows event logs, syslog).
      • Malware reverse engineering.
      • Email header analysis.
      • Vulnerability report analysis and remediation.

Communication and Leadership:
  • Strong verbal and written communication skills with the ability to write structured reports.
  • Comfortable leading investigations and communicating with stakeholders and colleagues on both technical and non-technical levels.
  • Strong sense of personal responsibility for learning and self-development.

We are GTN The Go To Network

Employment Type: Full Time
