Hi,
Hope you’re doing well!!
Please find the requirement below. If you find yourself comfortable with the requirement, please reply back with your updated resume or call me back at
Position: Security Analyst
Location: Anchorage, Alaska (Hybrid, Local)
Duration: 6+ Months
Visa: Client won't be able to sponsor any visa
LinkedIn ID
Skill Level: Senior - Requires 5-8 years of experience in that specific discipline
SCOPE OF DUTIES:
- Configure, tune, and optimize Cortex XDR and Cortex XSIAM, including dataset onboarding, parser and modeling rule configuration, XQL correlation rule authoring, BIOC/IOC tuning, and alert suppression strategy to reduce noise and improve detection fidelity
- Build, test, peer-review, and maintain detection content aligned to MITRE ATT&CK across endpoint, identity (Entra ID), email (Proofpoint), data (Varonis), DNS (Infoblox), and network (Palo Alto NGFW) telemetry sources
- Lead end-to-end incident response activities including triage, scoping, host and identity forensic analysis, containment, eradication, and recovery; coordinate with the CISO and Security team and produce executive-grade after-action reports
- Conduct proactive threat hunts in the hybrid Microsoft Azure and on-premises environment using XQL, KQL, and supporting platform query languages; document findings and convert validated patterns into persistent detection content
- Engineer and maintain integrations between Cortex XSIAM and supporting platforms (Palo Alto NGFW and Panorama, Proofpoint TAP and CASB, Varonis, Qualys, Infoblox, Cloudflare, Darktrace, Microsoft Defender XDR, Entra ID), including API connectivity, log source health monitoring, and content pack tuning
- Develop and maintain SOAR playbooks within Cortex XSIAM to automate enrichment, containment, and response for high-volume alert categories including phishing, malicious sign-in, endpoint malware, and data exposure
- Operate and tune supporting security tooling: Qualys vulnerability scanning and reporting, Varonis data classification and UBA, Proofpoint email security and CASB, Infoblox DNS security, Cloudflare, and Darktrace where applicable
- Provide log source onboarding and data normalization support within Cortex XSIAM, including parser development and coordination with the OIT infrastructure team for source system configuration
- Maintain detection content version control, peer review processes, and engineering documentation; support evidence collection for CJIS, HIPAA, and PCI DSS compliance audits
- Mentor security analysts on detection engineering methodology, XQL and KQL query construction, and incident response procedures; develop and deliver internal training content
TYPICAL WORK PERFORMED:
- Protect systems by defining access privileges and control structures
- Review security logs and recognize problems by identifying abnormalities and reporting violations
- Implement security improvements by assessing current infrastructure, evaluating trends, and anticipating requirements
- Determine security violations and inefficiencies by conducting periodic audits
- Upgrade systems by implementing and maintaining security controls
- Prepare performance reports and communicate system status
- Design, test, and implement security systems
- Provide information on current security threats and design countermeasures
- Coordinate with both internal and external entities
- Review security policies and make recommendations for improvements
- Develop security policies based on specific needs identified by the organization or regulatory entity
Thanks & Regards:
Amar Pratap
Senior Technical Recruiter
VISION INFOTECH INC
Phone: ext 531
Direct:
Email:
368 Main Street, st #3, Melrose MA 02176
E-Verified Company