HybridLocal TX Govt Network Security Analyst

Job ID: TX-302CSD2651 ()

Hybrid/Local TX Govt Network Security Analyst (GSEC/CEH/CISA/CCSP/AWS/OpenStack Admin/15) with Cisco Umbrella/Palo Alto/ZScaler NIST SIEM EDR/XDR Windows/Linux/cloud Proofpoint/MimeCast/MS Splunk/Rapid7/SumoLogic Symantec/Bitglass/Netskope experience

Location: Austin TX (OAG)
Duration: 5 Months

Skills:
8 Required Strong understanding of attacker tactics techniques and procedures.
8 Required Experience analyzing logs and telemetry from SIEM EDR/XDR network security identity platforms and cloud environments.
8 Required Proficiency in query languages and scripting used for threat hunting.
8 Required Solid knowledge of Windows Linux and cloud operating systems including common attack vectors and persistence mechanisms.
8 Required Proven expertise in security considerations of cloud computing: They include data breaches broken authentication hacking account hijacking malicious insiders third parties APTs data loss and DoS attacks.
8 Required Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats and designing solutions to mitigate those threats.
8 Required Knowledge and experience working with relevant National Institute of Standards and Technology (NIST) standards.
8 Required Familiarity with threat intelligence sources malware analysis concepts and digital forensics fundamentals.
8 Required Experience documenting investigations creating hunt reports and communicating technical findings to diverse audiences.
8 Required Strong analytical problem-solving and critical-thinking skills.
8 Required Ability to work independently while collaborating effectively within cross-functional cybersecurity teams.
8 Required Ability to resolve complex security issues in diverse and decentralized environments; to learn communicate and teach new information and security technologies; and to communicate effectively.
8 Required Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
8 Required Experience creating/reviewing/updating security policies and standards for the public/private/hybrid cloud contexts.
3 Preferred GSEC CEH CISA CCSP
3 Preferred Certification as an AWS Solutions Architect Cloud Security Certification and/or OpenStack Administrator Certification a plus. (Other cloud-related certification also a plus.)
3 Preferred Experience with Endpoint Detection and Response (i.e. EndGame Crowdstrike CyberReason). Detect and respond to alerts from end point detection response tools.
3 Preferred Experience with Email Threat Management (i.e. Proofpoint MimeCast Microsoft).
3 Preferred Experience with SIEM engineering design/management/analysts (i.e. Splunk Rapid7 SumoLogic).
3 Preferred Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec Microsoft Bitglass Netskope).
3 Preferred Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella Palo Alto ZScaler).

Description:
We are seeking a highly motivated and talented individual to join our cybersecurity team at the Texas Office of the Attorney General (TxOAG) as a Network Security Analyst. The Network Security Analyst is responsible for proactively identifying investigating and disrupting advanced cyber threats that evade traditional security controls. The role focuses on hypothesis-driven analysis adversary behavior detection and continuous improvement of threat detection capabilities.

Key Responsibilities
Proactively conduct threat hunting activities to identify malicious activity advanced persistent threats and indicators of compromise not detected by automated tools
Develop and execute hypothesis-driven hunts based on threat intelligence adversary tactics techniques and procedures (TTPs) and organizational risk profiles
Analyze endpoint network identity and cloud telemetry to detect anomalous or suspicious behavior
Investigate and validate potential security incidents determine root cause and assess scope and impact
Collaborate with incident response SOC and detection engineering teams to support containment eradication and recovery activities
Translate threat hunting findings into actionable detection logic alerts and analytics to improve security monitoring
Document hunting methodologies findings and recommendations in formal reports and knowledge repositories
Contribute to the development and tuning of security use cases queries and detection rules across SIEM EDR NDR and cloud security platforms
Leverage threat intelligence sources to track emerging threats attacker tools and campaigns relevant to the organization
Support purple team activities tabletop exercises and continuous adversary simulation efforts
Maintain awareness of evolving attacker techniques and emerging cybersecurity threats

The above job description and requirements are general in nature and may be subject to change based on the specific needs and requirements of the organization and project.

innoSoul Inc. is an Information Technology company and offers technology solutions in various platforms to different business domains. More specifically business solutions for Application Development System integration network or software installation support Custom Web Development Hosting solutions. Our value-added solutions leverage technology to enhance business performance increase productivity and secure data.