Security Analyst (FTE)
The security analyst will provide technical support as part of the team responsible for 24x7 information security response and security monitoring, and will support audit/compliance and cyber forensic activities for the company. The successful candidate will have general knowledge of and experience with SIEMs, security operations processes, incident response, event analysis, threat intelligence, and security skills development.
Work as part of a team of Information Security professionals supporting a global enterprise.
Triage and respond to concurrent security incidents
Escalate issues to senior staff/management as required
Work to remediate any vulnerabilities and/or threats to corporate networks
Document incident results and report details to the security organization
Respond to internal customers', partners', and auditors' requests for information regarding the corporate security event management capabilities
Document existing and new processes, and mature existing documentation
Execute standard procedures for the administration, backup, disaster recovery, and operation of
Research, analyze and understand log sources, particularly security and networking devices (such as firewalls, routers, anti-virus products, and operating systems)
Assist with tuning ArcSight content performance and event data quality to maximize system efficiency
Assist with and participate in security incident management processes
Experience in the administration of Windows NT systems and/or UNIX systems
Proficiency with network intrusion detection (NID) implementations
Experience in reviewing and analyzing tcpdump files.
Possesses an understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns.
Has strong technical support skills for client systems.
Candidates must have an understanding of incident response methodologies and technologies.
Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers.
Research and analytical background, especially with respect to event classification, event correlation, and root cause analysis.
Willingness to serve as a member of an Incident Response Team (IRT) and respond to emergency calls during non-business hours, as needed.
Ensure the confidentiality, availability, and integrity of SOC data sources.
Self-disciplined enough to complete shift work and shift transfers with little supervision.
Candidate must be able to react quickly, decisively, and deliberately in high stress situations.
Highly motivated individual with the ability to self-start, prioritize, and multi-task
Participate in shift work.
Troubleshooting skills and curiosity a must
Prior security operations and ArcSight experience a plus
Minimum 2 years’ experience in Information Technology.
BS in Computer Science or equivalent experience
Brief Description of Role:
Perform shift work (2nd and 3rd shifts, 4x10's) covering security operations center monitoring and response activities, including but not limited to: ArcSight real-time console monitoring, SIEM security event/incident analysis, case work, documentation, incident response activities, system isolations, and escalation to senior technical staff/leadership. Support and back up Level 1 analysts on shift.