Cybersecurity Alerts Analyst

Job Location:

McLean, MD - USA

Monthly Salary: Not Disclosed
Posted on: 19 hours ago
Vacancies: 1 Vacancy

Job Summary

Harmonia Holdings Group LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.

Description

Title: Cybersecurity Alerts Analyst

Location: Remote

Terms: Full-time

Clearance: Public Trust

Travel: <10%

Position Description

We have an opening for a full-time Cybersecurity Alerts Analyst to join our talented, dynamic team.

As a Cybersecurity Alerts Analyst, you will play a critical role in supporting the mission of the Veterans Affairs (VA) by monitoring key cybersecurity systems for intrusions and vulnerabilities amongst VA's application environments.

Veterans are encouraged to apply.

Responsibilities:

For a Cybersecurity Alerts Analyst, the duties related to Palo Alto's Prisma Cloud tools are highly focused on triage, investigation, and response for cloud-native security events. Unlike an on-premise analyst, who might focus on firewall or endpoint logs, this role is centered on the unique risks of the cloud.

Here are some key duties for a Cybersecurity Alerts Analyst:

  • Review and triage alerts generated by Prisma Cloud as the first line of defense, and identify whether each alert is a true positive or a false positive.
  • Use Prisma Cloud's features to enrich alerts with critical context: examine the affected asset (e.g., a container, serverless function, or virtual machine), its environment (e.g., production vs. development), its network exposure, and any associated user or service identities to help quickly determine severity and business impact.
  • Prioritize the most critical alerts using Prisma Cloud's risk scoring and attack path analysis, focusing on incidents that show a clear path to sensitive data or a known exploitable vulnerability rather than simply responding to every low-severity misconfiguration.
  • Perform a deeper investigation for true positive alerts, pivoting from the alert to review associated logs, network traffic, and forensic data within Prisma Cloud's dashboard.
  • Proactively use Prisma Cloud's tools to hunt for potential threats that haven't triggered an alert. This can involve searching for anomalous activity, suspicious network connections, or unauthorized changes to cloud configurations.
  • Work to identify the root cause of the incident. For example, if a container has a vulnerability, investigate why that container was allowed into production in the first place; if a user has overly permissive access, look into the reason behind it.
  • Work with security orchestration, automation, and response (SOAR) playbooks, often integrated with Prisma Cloud, to trigger automated response actions. This could involve an automated process to disable a compromised user account or a virtual patch to a host to prevent an exploit.
  • Provide the technical team with specific, actionable remediation steps where automation isn't possible. This could be as simple as telling a DevOps engineer which misconfigured S3 bucket to lock down.
  • Document the investigation and provide clear, concise communication to stakeholders, escalating high-priority incidents to senior analysts or incident response teams and ensuring they have all the necessary context to take over.
  • Fine-tune Prisma Cloud policies to reduce alert fatigue: where a certain rule consistently produces false positives, work with senior engineers or a DevOps team to adjust the policy or exclude specific resources.
  • Create new detection rules based on emerging threats or new compliance requirements using Prisma Cloud's policy-as-code capabilities.

Requirements

  • Bachelor's degree or higher; equivalent experience may be considered in lieu of a degree.
  • 3 years' experience with a SIEM tool; 5 years without a degree (Splunk, Exabeam, SentinelOne, QRadar, Sumo Logic, etc.).

Desired

  • XSIAM and Prisma Cloud experience a plus.
  • Experience with Agile project management methods and frameworks such as SCRUM.
  • Exceptional written and verbal communication skills.
  • Strong planning, organizational, and time management skills.
  • Exceptional analytical and conceptual thinking skills.
  • Strong leadership skills and ability to work collaboratively with a team of peers.

Here at Harmonia, we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:

  • Recognized as a Top 20 Best Place to Work in Virginia
  • Recipient of Department of Labor's HireVets Gold Medallion
  • Great Place to Work Certification for five years running
  • A Virginia Chamber of Commerce Fantastic 50 company
  • A Northern Virginia Technology Council Tech 100 company
  • Inc. 5000 list of fastest growing companies for eleven years
  • Two-time SBA SBIR Tibbetts Award winner
  • Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Harmonia family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to:

  • Traditional and HSA-eligible medical insurance plans
  • 100% employer-paid dental and vision insurance options
  • 100% employer-sponsored STD, LTD, and life insurance
  • 5% 401(k) company matching
  • Flexible schedules and teleworking options
  • Paid holidays and PTO Accrual Plans
  • Paid Parental Leave
  • Professional development and career growth opportunities
  • Team and company-wide events, recognition, and appreciation, and so much more!

Check out our LinkedIn, Facebook, and Instagram to find out a little more about who we are and if we are the right next step for your career!

Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected perform the above job successfully an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact.


Required Experience:

IC

Key Skills

  • ArcGIS
  • Intelligence Community Experience
  • GIS
  • Python
  • Computer Networking
  • Data Collection
  • Intelligence Experience
  • R
  • Relational Databases
  • Analysis Skills
  • Data Management
  • Application Development

About Company

Join Our Team: Are you an innovative thinker ready to make an impact on how government agencies meet their missions? Do you want to work for a company that values your ideas and grows your technical expertise? Join our team and watch your career advance!
