Posted in Other 30 days ago.
Location: Ashburn, VA
Salary: Negotiable
Description:
Title- Information Security Analyst - I / Cybersecurity analyst
Location- Ashburn, VA (Hybrid)
Duration- Long-term contract
JOB DESCRIPTION:
Job Title: Cyber Security Analyst
MUST-HAVE SKILLS:
Ability to obtain GSA Public Trust clearance
At least three years of experience in security-related fields, including prior SOC experience
Clear and concise written and oral communication skills in English
Proficiency in using a supported Security Incident Event Management (SIEM) system for analytics
Knowledge of scripting, parsing, and query development in enterprise SIEM solutions
Experience tuning use cases and content, with an understanding of best practices to prevent false negatives
Documentation skills for processes and procedures, as well as training team members
Exceptional problem-solving abilities
Proactive engagement with customers and client management teams
Thorough understanding of threat landscapes and indicators of compromise
Familiarity with incident response techniques related to network forensic analysis
Experience investigating security incidents using SIEMs, use case development/tuning, and understanding of incident response
Knowledge of Intrusion Prevention Systems (IPS), including analyzing alerts and identifying false positives
Implementation experience with next-generation firewalls (e.g., Forti manager, Fortigate, Cisco, Palo Alto, Checkpoint)
Proficiency with Linux command line
Understanding of health and availability monitoring, device logging, network troubleshooting, and device troubleshooting
DESIRED SKILLS:
Scripting knowledge (e.g., Python, PowerShell, Bash Shell, Java)
Incident response experience using various SIEMs and industry best practices
Customer service skills, including supporting service desk functions such as IAM management
JOB DUTIES:
Security Analysts play a crucial role in the Security Operations Center.
Tier-2 Security Analysts, with a background in enterprise security, handle a wide range of tasks across different platforms.
Their responsibilities include day-to-day tasks, short-notice ad-hoc work, and independent task completion with minimal supervision.
Key duties of Tier-2 Senior Security Analysts include:
Providing near real-time security monitoring in a 24x7 environment by monitoring security infrastructure and alarm devices for Indicators of Compromise (IoCs) using a proprietary SIEM and cybersecurity tools.
Performing near real-time security monitoring of alerts and escalating critical alerts according to the service level agreement.
Detecting security incidents and analyzing threats, especially complex or escalated events.
Responding to customer Requests For Information, including using Linux command line skills to query raw logs for IoCs, answering questions about the MSS infrastructure, and explaining features of the SIEM, including the correlation engine.
Developing internal and external documentation, such as detailed procedures, playbooks, and runbooks, while reviewing operational metrics reports.
Perform level 2 assessment of incoming alerts, assessing alert priorities, determining severity in the customer environment, and coordinating with tier III for critical priority incidents, if necessary.
Perform incident response activities utilizing customer SIEM and cybersecurity toolkits
Assist with quality control during onboarding of new customers to verify validity of Use Cases and generated alerts
Utilize the SOC Knowledge Base and provide input on revisions as needed
EDUCATION/CERTIFICATIONS
Required: Bachelors or higher degree in Computer Science, Information Security, or similar discipline
Required: industry certification(s) such as CISSP, SANS GIAC or GCIH, CompTIA Security+, CCNP-Security, Palo Alto CNSE, Fortinet NSE, CySA+, GCED, CEH, or comparable security-related certification
LOGISTICS
Shift work required, including nights and weekends
Team members work 5x8 hour shifts per week.
Digital Realty |
Digital Realty |
Digital Realty |