The Senior Security Analyst is responsible for assisting the Information Security Team in protecting Client’s data assets while enabling the business. This role is key to ensuring the SIEM and other related security systems are accurately configured, alerting, and reporting. Additionally, the role includes reviewing security access requests, assessing vulnerability management reports, assisting with incident management, working with senior management to improve security standards and procedures, and enhancing Client’s overall security posture. This person must be able to work both remotely and from the corporate office (when needed), be a self-starter with a can-do attitude, have excellent written and verbal communication skills, work well with peers, and be flexible and accommodating when priorities change.
Job Description and Details
- Primary security analyst working with the managed service provider of Client’s Security Operations Center (SOC) and SIEM, ensuring the tool is appropriately configured (e.g., correlation rules are effective and working as expected), minimizing false positives, and effectively alerting on and reporting issues.
- Works with SOC and handles initial security incident assessment.
- Ensures the web content filtering system (secure web gateway) is effectively configured to securely manage web traffic, and assesses requests to allow or block specific sites, categories, and related items.
- Primary resource managing the security ticket queue, working with management to ensure security requests are responded to in a timely manner and that resources are allocated to work tickets.
- Assesses various types of security requests, provides a response (approve/deny, etc.), and works with management on detailed and complex requests to ensure appropriate feedback.
- Assists the team with evaluating new security products and makes recommendations.
- Researches and analyzes threats and their behavior.
- Provides recommendations on threat mitigation strategies.
- Implements standard procedures for incident response while interfacing with management.
- Communicates effectively when assisting with security incident response procedures.
- Performs routine event reporting, including trend reporting and analysis over time.
- Assists the team with various annual security compliance audits, including providing detailed reporting and evidence for various controls.
Required Skills and Experience
- Understanding of network and security architecture best practices.
- CCNA-level networking knowledge.
- Experience implementing security-related network devices (e.g., firewalls, IDS/IPS), and an understanding of the OSI model, NetFlow, and client/server infrastructure design.
- Ability to implement standard procedures for incident response while interfacing with management.
- Experience working with web content filtering / secure web gateway products (e.g., Forcepoint, Bluecoat).
- Experience with SIEM tools including purpose, correlation rule design, and related monitoring and reporting best practices.
- Experience triaging security related incidents and understanding how to utilize incident response plans.
- Demonstrated knowledge of TCP/IP enterprise network communications and the ability to perform network packet analysis and anomaly detection.
- Experience evaluating security tools and making recommendations based on third-party and internal lab reviews.
- Experience working with IT auditors and providing evidence for related controls.
- Familiarity with Advanced Persistent Threat (APT) groups and their tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs).
- Familiarity with writing security or related IT policies.
- Familiarity with reviewing infrastructure designs, identifying security gaps, and making recommendations to ensure a secure implementation.
- Bachelor’s degree in cyber security, networking, computer science or related field preferred.
- Excellent written and verbal communication skills.
- Minimum 5 years’ experience in cyber security, network security, or a related field.
- Easygoing and gets along well with a diverse group of teammates.
- Flexible with work-from-home and/or in-office work schedule (hybrid mix).