City : Austin
State : Texas
Neos is Seeking a Data Security Analyst III (Threat Hunter, Red Hat) for a contract role for with our client in Austin, TX.
***HYBIRD (AUSTIN) or REMOTE - CANDIDATES CURRENTLY RESIDING IN THE AUSTIN, TEXAS AREA OR IN U.S. NEED APPLY***
No calls, no emails, please respond directly to the "apply" link with your resume and contact details.
This position is Remote, outside of Austin
Local candidates will be Hybrid - 1 day per week in office, Wednesdays
located at 5500 E. Oltorf ST, Austin, TX 78741
DESCRIPTION OF SERVICES
We are seeking a highly motivated and talented individual to join our cybersecurity team at the Texas Office of the Attorney General (TxOAG) as a Network Security Analyst. The Network Security Analyst is responsible for proactively identifying, investigating, and disrupting advanced cyber threats that evade traditional security controls. The role focuses on hypothesis-driven analysis, adversary behavior detection, and continuous improvement of threat detection capabilities.
Key Responsibilities
Proactively conduct threat hunting activities to identify malicious activity, advanced persistent threats, and indicators of compromise not detected by automated tools.
Develop and execute hypothesis-driven hunts based on threat intelligence, adversary tactics, techniques, and procedures (TTPs), and organizational risk profiles.
Analyze endpoint, network, identity, and cloud telemetry to detect anomalous or suspicious behavior.
Investigate and validate potential security incidents, determine root cause, and assess scope and impact.
Collaborate with incident response, SOC, and detection engineering teams to support containment, eradication, and recovery activities.
Translate threat hunting findings into actionable detection logic, alerts, and analytics to improve security monitoring.
Document hunting methodologies, findings, and recommendations in formal reports and knowledge repositories.
Contribute to the development and tuning of security use cases, queries, and detection rules across SIEM, EDR, NDR, and cloud security platforms.
Leverage threat intelligence sources to track emerging threats, attacker tools, and campaigns relevant to the organization.
Support purple team activities, tabletop exercises, and continuous adversary simulation efforts.
Maintain awareness of evolving attacker techniques and emerging cybersecurity threats.
The above job description and requirements are general in nature and may be subject to change based on the specific needs and requirements of the organization and project.
CANDIDATE SKILLS AND QUALIFICATIONS
8 years Required - Strong understanding of attacker tactics, techniques, and procedures.
8 years Required - Experience analyzing logs and telemetry from SIEM, EDR/XDR, network security, identity platforms, and cloud environments.
8 years Required - Proficiency in query languages and scripting used for threat hunting.
8 years Required - Solid knowledge of Windows, Linux, and cloud operating systems, including common attack vectors and persistence mechanisms.
8 years Required - Proven expertise in security considerations of cloud computing: data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
8 years Required - Knowledge and understanding of threat analysis and assessment of potential and current information security risks/threats and designing solutions to mitigate those threats.
8 years Required - Knowledge and experience working with relevant National Institute of Standards and Technology (NIST) standards.
8 years Required - Familiarity with threat intelligence sources, malware analysis concepts, and digital forensics fundamentals.
8 years Required - Experience documenting investigations, creating hunt reports, and communicating technical findings to diverse audiences.
8 years Required - Strong analytical, problem-solving, and critical-thinking skills.
8 years Required - Ability to work independently while collaborating effectively within cross-functional cybersecurity teams.
8 years Required - Ability to resolve complex security issues in diverse and decentralized environments; to learn, communicate, and teach new information and security technologies; and to communicate effectively.
8 years Required - Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
8 years Required - Experience creating, reviewing, and updating security policies and standards for public, private, and hybrid cloud contexts.
3 years Preferred - GSEC, CEH, CISA, CCSP.
3 years Preferred - Certification as an AWS Solutions Architect, Cloud Security Certification, and/or OpenStack Administrator Certification a plus (other cloud-related certifications also a plus).
3 years Preferred - Experience with Endpoint Detection and Response tools (e.g., EndGame, CrowdStrike, CyberReason).
3 years Preferred - Experience with Email Threat Management tools (e.g., Proofpoint, MimeCast, Microsoft).
3 years Preferred - Experience with SIEM platforms (e.g., Splunk, Rapid7, SumoLogic).
3 years Preferred - Experience with Data Loss Prevention / Cloud Access Security Brokers (e.g., Symantec, Microsoft, Bitglass, Netskope).
3 years Preferred - Experience with Cloud Enterprise Network Security tools (e.g., Cisco Umbrella, Palo Alto, ZScaler).
#DICE
#LI-MB
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10111245
- Position Id: a0FRb00000DbK57MAF
- Posted 19 days ago
%201.png%3Fformat%3Dwebp&w=828&q=75)
%202.png%3Fformat%3Dwebp&w=1080&q=75)
Never miss an opportunity! Create an alert based on the job you applied for.