Cyber Security Analyst

Description:

A our client's Security Analyst participates in monitoring, hunting, and responding to cyber security events. They provide a front-line role during cyber security incidents, identifying the extent of the threat, business impacts, and advising or sometimes performing the most suitable course of action to contain, eradicate, and remediate an incident. A Security Analyst maintains a good knowledge of the threat landscape and helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Security Analyst is proactive and seeks out adversaries determined to negatively impact our client's reputation, financial interest, or threaten the safety of our employees and customers. Additionally, a strong understanding of cloud concepts, including identity protection, entraid, and conditional access policies, is essential. Preferred experience includes working with risk-based alerting and SOAR platforms.

Responsibilities

• Act on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
• Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
• Remain abreast of emerging threat patterns and provide recommendations to detect threats
• Assists with patching recommendations and workarounds for zero-day threats.
• Coordinate mitigation or remediations task with stakeholders or supporting teams
• Communicates with management on incident updates.
• Monitors SIEM and analyzes security events to determine appropriate actions
• Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
• Identify and tune false positives associated with current security events
• Document analytical steps and findings associated with security event investigations

Qualifications Required for Cyber Security Analyst

• 2 years IT security experience
• Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
• Minimum 2 years of experience and/or familiarity in the following areas:
• Network/Endpoint: analysis tools
• Scripting languages
• Windows/Unix command line utilities
• Reputation analysis associated with IP’s, Domains, Email Addresses
• Ticketing Systems
• Required to submit to a background examination.
• Understanding of cloud concepts, including identity protection, entraid, and conditional access policies