Associate Information Security Analyst shall be responsible for monitoring, assessing, and remediating cybersecurity events to secure and protect proprietary, personal, and privileged electronic data. Utilize cybersecurity tools to monitor and detect attacks and vulnerabilities in the network. Monitor
SIEM alerts for evidence of compromise and investigates security incidents.
Responsibilities:
- The resource will function as a member of the Security Operation Center performing intrusion detection, prevention, and incident response.
- Must be able to operate as a member of a frontline team in security operation, monitoring and analyzing custom alerts and dashboards.
- Provides feedback in assessing new threat vectors and the effectiveness of controls.
- Leverages advanced investigative skills using best-in-class data correlation and network/packet analysis tools.
- Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security incidents.
Requirements:
- A minimum of 2-3 years of relevant professional experience.
- A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
- Experience in enterprise intrusion analysis, SIEM, and incident response.
- The ability to analyze logs from various security devices and web servers.
- Familiarity with network architecture and security infrastructure placement.
- Understanding of Windows and Unix operating systems, and command line tools.
- Knowledge of attack vectors, threat tactics, kill chain, and attacker techniques is a plus.
- Experience with Cloud Incident Response is a plus (e.g., AWS, Azure)
- Interpersonal skills sufficient to work with both technical and non-technical personnel at various levels in the organization.
- Ability to elicit and communicate technical and non-technical information clearly and concisely.
- An open mind, willingness to be challenged, and strong desire to learn
- Should be flexible to work during different shifts and possibly weekends
Good to have:
- Exposure to the incident response of cloud-based and distributed infrastructures are a plus.
- Any certifications related to information security are a plus.