Apex Systems, one of the nation's top technology-focused staffing firms, has Security Analyst opportunities for a Fortune 100 tech company with sites in Cary or Fort Bragg, NC (greater Raleigh area). Applicants must have an ACTIVE Secret Clearance, 2+ years of experience with core networking with Cisco routers and switches, experience with vulnerability assessments and threat analysis, and an active Security+ Certification!
Security Analyst Overview:
- Hours: shift work (7am-3pm, 3pm-11pm, or 11pm-7am), with minimal on-call support
- Length: open-ended, long-term contract with permanent potential
- Tools/Tech: SIEM, ArcSight, Splunk, Cisco ASA, Cisco ISE, BlueCoat, JunOS, Fortinet, FirePower, FireEye, packet capture/payload analysis (*do NOT need to have experience with all of these, we can provide training!)
- Additional: working at a Fortune 100 technology-focused organization, weekly pay, healthcare benefits, 401K, stock purchase program, multiple technical training programs, including access to a 24/7 technical training license that provides certification bootcamps for 120+ tech certifications and training on many of the tools listed above, and a long-term remote work option (40% telework options)
- Want to apply? Email your resume to Grace McCarthy at
Your primary responsibility is to ensure Government Network Operations and Security Center customers receive professional service and prompt response to their needs. You will support the 24x7 Floor Operations function for our managed security service customers - this means initiating and working Incident Management tickets, responding to trouble calls/emails from customers, and ensuring proper work flows/assigning trouble tickets to Specialists and other employees.
As a Lead, you provide first-level security incident handling (60%) - also act as point of escalation for Managed Security Services Specialists (10-20%). Assess changes - Security Analysis and Incident response 50/50.
Key Responsibilities of Security Analyst:
- Support operations function for managed security service customers, i.e. initiating and working Incident Management tickets, responding to trouble calls/emails from customers, and ensuring proper work flows/assigning trouble tickets to Specialists and other employees.
- Security incident handling involves investigating issues to determine if there is a real security incident or a false positive, notifying customers as needed, and sending customers standardized emails specifying the steps they need to take to fix the problems.
- Device and health monitoring involves troubleshooting network connectivity problems concerning managed security devices, often working with Advanced Support Team engineers and/or vendors/partner technology teams on device replacement/reconfiguration.
- Focus on SLA attainment for your shift by ensuring ticket buckets have been "scrubbed" and that issues are followed through until completion or escalation.
- Respond to security threats raised through the correlation and analysis of security events from sources such as firewalls, IDS/IPS devices, packet captures and security logs, including blocking IP addresses at the perimeter firewalls with near real-time response.
- Interpret and explain PCAP data and firewall logs
- Network changes for vulnerabilities.
- Address Incidents/Scenarios dealing with PII, Information Spills and Stolen Assets.
- Address Insider Threat, Malware and Policy Violations following Policy.
- Performing security analytics of network traffic and providing Incident Response utilizing:
1. Payload analysis (packet analysis)
2. Health/alert monitoring (HM/AM)
5. Cisco ISE
Qualifications of Security Analyst:
- 2+ years in network security, and experience with security event analysis
- Experience dealing with customer service requests
- CompTIA Security+ CE Certification
- *** Must have ACTIVE DOD Secret Level Clearance***
Want to Impress? Plusses of Security Analyst:
- Any additional technical certifications in the Security field
- Experience with Sourcefire, Checkpoint, Tripwire, Bluecoat Proxy
- Knowledge of ITIL and/or previous work in an ISO operating environment
- Any experience with ArcSight, Splunk, Cisco ASA, JunOS, Fortinet, packet capture/payload analysis would be a HUGE PLUS!
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or