Nov 13th, 2019
IT Security Analyst (Tier 3)
Full Time
Technical
San Antonio, TX, US
Tampa, FL, US
30+ days ago
Requisition ID: 1112

POSITION SUMMARY:

Working within our Security Operations Center (SOC), the IT Security Analyst (Tier 3) is responsible for reviewing system log events and data packets to determine whether activity is normal or malicious. The Security Analyst will ensure that aspects of the customers’ environments are identified and understood to enable accurate, actionable reporting for other tiers. Analysts will also participate in developing processes, procedures, training, etc. for new technologies. Strong knowledge of incident response principles and phases.

DUTIES AND RESPONSIBILITIES:

Performing systems and network analysis of intrusions to customers’ network infrastructure, applications, operating systems, firewalls, proxy devices, malware detection and more, and working as part of the team conducting preliminary incident response, event analysis and threat intelligence.
Conduct initial and ongoing tuning of customers’ environments from on-boarding to day 2.
Participate in solutions development for new products as they are introduced to the organization.
Handling escalations from Security Specialists and Associate Analysts.
Reviewing security events that are detrimental to the overall security posture; analyzing and detecting sophisticated and nuanced attacks, and discerning false positives.
Providing both strategic analysis and near real-time auditing, investigating, reporting, and remediation, coordinating and tracking of security-related activities for customers.
Performing correlation of events from network, enterprise and host sensors.
Assisting in compliance efforts, processing security-related services, change controls, security research.
Conducting vulnerability testing.
Expanding organizational knowledge by contributing to Knowledge Base.
Mentoring junior tiers in the organization on security concepts and ideas.
Able to perform other duties as assigned.

EDUCATION AND WORK EXPERIENCE:

Bachelor's Degree in Information Technology, Cyber Security or related field.
5+ years’ experience in an information technology role.
5+ years’ Cyber Security related experience.
Preferably MSSP work environment/experience OR SOC experience.
Knowledge of web application security and vulnerability management required.
SIEM experience (working knowledge of use cases, reporting and trending, rules creation) such as Cyguard, FortiSIEM, ArcSight, QRadar.
IPS/IDS: Writing signatures or investigating events.
Experience with packet analysis tools, such as Wireshark.
Perform basic hunt activity for enterprise network.
OS knowledge for various versions of UNIX, LINUX, and Windows.
Experience across web and desktop applications, cloud computing.
Strong understanding of network protocols TCP/IP, 802.11, layer 2 and 3 switching, DHCP, DNS, network security, cloud computing and troubleshooting skills.
Excellent analytical and problem-solving skills with ability to evaluate information from multiple sources and provide recommendations to enterprise organizations.
Hands-on experience with security products including intrusion detection systems (Snort/SourceFire), endpoint solutions (McAfee, Cisco AMP) and firewalls (CheckPoint, Cisco PIX, PALO).
Operating systems knowledge and systems administration skills for various versions of UNIX, LINUX, and Windows and ability to read and understand Windows logs.
One or more of the following certifications is desired (not required): CISSP, GCIA, GCIH, CySA, CASP.
Basic understanding of scripting languages (doesn’t need to be able to script but able to read/analyze scripting languages).
Must be self-directed, able to manage individual projects or act as part of a larger team.
Must be able to manage multiple customers’ environments at any given time.

KNOWLEDGE, SKILLS AND CHARACTERISTICS REQUIRED:

A keen interest in security and the need for the Confidentiality, Integrity and Availability of information and information systems to be maintained.
Excellent analytical skills.
Excellent communications, presentation, and listening skills.
Excellent organizational and time-management skills and the ability to multi-task and prioritize.
High level of integrity, judgment, and situational awareness.
Ability to work both independently and collaboratively with peers, across teams, and with management.
Flexibility and adaptability to change.
Excellent customer service skills.