Our client is seeking a Mid-Level Cybersecurity Analyst whose core responsibility is pulling log files from Windows, Linux, laptops, and commercial off-the-shelf apps for security monitoring, analysis, and alerting. This Analyst will collaborate with the team to pull log files, but will personally parse those log files, identify and call out malicious behavior, and escalate findings to the incident management team. Note: this is NOT an Incident Response role; hands-on log analysis experience is required. This is a hybrid opportunity located in Fort Worth, TX!
Duties:
Support enterprise logging and analysis solutions
Analyze log files for suspicious activity
Analyze event data for suspicious patterns
Analyze log sources, assess threats, and define alerting criteria
Maintain documentation
Develop log policies by creating rules, setting thresholds, and prioritizing alerts based on impact and urgency
Work with IR Engineering to configure data ingestion and detection rules, and fine-tune detection
Work with CIRT to configure incident creation, explore opportunities to enrich incident data, and assign incidents to CIRT teams
Review policies regularly, address false positives/negatives, and stay updated on technology
Data extraction
Reporting
Desired Skills/Experience:
Hands-on log file analysis experience
Windows and Linux experience
Critical thinking and analysis skills
Strong sense of ownership
Highly curious
Fascination with big airplanes and travel
Able to work independently with minimal direction
Ability to directly pull log files from Windows and/or Linux environments