The Senior Security Analyst is responsible for the design, configuration, testing, and deployment of on-prem and cloud services. They will provide Incident Response, threat hunting and proactive support of all development activities in both the cloud and on-prem environments.
Key responsibilities will include, but are not limited to:
Ensuring anomalous activity is detected and the potential impact of events is understood.
Ensuring that information systems and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures.
Ensuring detection processes and procedures are maintained and tested to ensure awareness of anomalous events.
Ensuring response activities are coordinated with internal and external stakeholders (e.g., external support from service providers).
Ensuring analysis is conducted to ensure effective response and support recovery activities.
Ensuring activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident.
Ensuring response processes and procedures are executed and maintained, to ensure response to detected cybersecurity incidents.
Ensuring recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents.
Ensuring recovery planning and processes are improved by incorporating lessons learned into future activities.
Ensuring restoration activities are coordinated with internal and external parties (e.g. coordinating centers, other CSIRTs, and vendors).
Additional activities as necessary to support the overall cybersecurity and mission.
Requirements for success
Experience requirement:
Minimum of 3 years' experience working as a systems engineer or administrator.
Minimum of 4 years' experience working as a security analyst.
Certifications by EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security, etc. to be considered based on relevance to defensive cybersecurity operations.
Bachelor's Degree in a related field such as cybersecurity, information technology, or computer science; equivalent combination of experience may be considered.
Skills and abilities:
Ability to participate as a technical lead on all projects requiring cybersecurity expertise and consultation.
Ability to lead a Cybersecurity Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT) and Managed Security Services Partners (MSSPs) in the execution of daily incident response activities.
Ability to deploy, integrate, configure, and maintain systems which comprise the overall cybersecurity technology stack.
Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts.
Desire and ability to help drive organizational adoption and buy-in of cybersecurity policies and standards across the ecosystem.
Eagerness to develop, grow, and maintain strong inter-team relationships across the business to aid in the accomplishment of the mission.
Preferred qualifications:
Expert knowledge in the following technologies and concepts: DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS.
Strong foundational knowledge in IT technologies and concepts not limited to email security technologies, application security, cloud security (IaaS & PaaS, etc.), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows.
Fundamental knowledge of NIST, MDM, OWASP, PowerShell/Python/JavaScript, MacOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS Benchmarks.
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystems.com or 844-463-6178.