Security Analyst-SecureWorks

First Soft Solutions

Job Location:

Tallahassee, FL - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

NO Remote its a on-site position

Job Duties:

Act as primary liaison for daily operations between the Department and the Departments Managed Security Services Provider SecureWorks as assigned by the Department.
Review current information security policies and processes to assist management with developing project goals as assigned by the Department.
Perform computer incident response within the scope and capabilities of the MSSP; assist with computer incident response originating from sources outside the scope of the MSSP as assigned by the Department.
Perform advanced-level analysis of security events and incidents reported by the MSSP and other monitoring platforms as assigned by the Department.
Assist the MSSP and Security Administration Team with the identification and integration of all Department information security-related logs as assigned by the Department.
Assist the MSSP and Security Administration Team in deploying and health monitoring of MSSP-specific endpoint agents across multiple physical and virtual IT platforms as assigned by the Department.
Assist the Security Administration Team in deploying and health monitoring of non-MSSP specific endpoint agents across multiple physical and virtual IT platforms as assigned by the Department.
Assist the MSSP and Security Administration Team in maintaining the health of MSSP-specific log collection and IDS/IPS physical and virtual appliances as assigned by the Department.
Assist with the continuous integration of all relevant Department data sources and systems existing or new into the MSSP and other SIEM and SOAR solutions as assigned by the Department.
Provide Department management with status reports on assigned project goals.

Required Qualifications:

A minimum of 4 years working as a security analyst in an environment utilizing a Managed Security Services Provider (MSSP) preferably SecureWorks.
A minimum of 4 years coordinating and conducting event collection log management and event management using Security Information & Event Management (SIEM) or other log management systems.
A minimum of 4 years with identity monitoring activities using SIEM or other log management systems.
A minimum of 4 years with research and analysis of log sources utilized for security monitoring.
A minimum of 4 years of experience configuring and monitoring IDS/IPS log collectors firewalls load balancers web gateways and other network traffic physical and virtual appliances.
A minimum of 4 years with endpoint deployment solutions to enable installation of security products and telemetry gathering on computer workstations and servers of varying operating systems and versions (e.g. SCCM Altiris KACE Ivanti).
A minimum of 4 years in Microsoft Active Directory on-premises and Azure (hybrid) administration including practices of account provisioning enable/disable/reset and management of Organizational Units and Groups.

NO Remote its a on-site position Job Duties: Act as primary liaison for daily operations between the Department and the Departments Managed Security Services Provider SecureWorks as assigned by the Department. Review current information security policies and processes to assist management wi...

NO Remote its a on-site position

Job Duties:

Act as primary liaison for daily operations between the Department and the Departments Managed Security Services Provider SecureWorks as assigned by the Department.
Review current information security policies and processes to assist management with developing project goals as assigned by the Department.
Perform computer incident response within the scope and capabilities of the MSSP; assist with computer incident response originating from sources outside the scope of the MSSP as assigned by the Department.
Perform advanced-level analysis of security events and incidents reported by the MSSP and other monitoring platforms as assigned by the Department.
Assist the MSSP and Security Administration Team with the identification and integration of all Department information security-related logs as assigned by the Department.
Assist the MSSP and Security Administration Team in deploying and health monitoring of MSSP-specific endpoint agents across multiple physical and virtual IT platforms as assigned by the Department.
Assist the Security Administration Team in deploying and health monitoring of non-MSSP specific endpoint agents across multiple physical and virtual IT platforms as assigned by the Department.
Assist the MSSP and Security Administration Team in maintaining the health of MSSP-specific log collection and IDS/IPS physical and virtual appliances as assigned by the Department.
Assist with the continuous integration of all relevant Department data sources and systems existing or new into the MSSP and other SIEM and SOAR solutions as assigned by the Department.
Provide Department management with status reports on assigned project goals.

Required Qualifications:

A minimum of 4 years working as a security analyst in an environment utilizing a Managed Security Services Provider (MSSP) preferably SecureWorks.
A minimum of 4 years coordinating and conducting event collection log management and event management using Security Information & Event Management (SIEM) or other log management systems.
A minimum of 4 years with identity monitoring activities using SIEM or other log management systems.
A minimum of 4 years with research and analysis of log sources utilized for security monitoring.
A minimum of 4 years of experience configuring and monitoring IDS/IPS log collectors firewalls load balancers web gateways and other network traffic physical and virtual appliances.
A minimum of 4 years with endpoint deployment solutions to enable installation of security products and telemetry gathering on computer workstations and servers of varying operating systems and versions (e.g. SCCM Altiris KACE Ivanti).
A minimum of 4 years in Microsoft Active Directory on-premises and Azure (hybrid) administration including practices of account provisioning enable/disable/reset and management of Organizational Units and Groups.