Security Analyst (Tier 3)
GDH

Austin, Texas

Posted in IT


This job has expired.

Job Info


Job Description:

The preferred candidate will have a total of 10 years' experience in the Information Technology/Information Security industry, with a minimum of 5 years of experience as a Security Analyst utilizing SIEM technologies. The candidate should have strong communication skills, both written and verbal, and be comfortable presenting information to teammates, customer technical personnel, and Leads and Managers.


This is an analyst role, and the candidate must be able to demonstrate the ability to perform and support in-depth investigations and 'hunting' activities. Demonstrated experience using the Splunk Enterprise Security SIEM technologies as an analyst is REQUIRED. Holding the Splunk Power User Certification is PREFERRED. Holding Certified Ethical Hacker (CEH) and/or Certified Incident Handler (GCIH or ECIH) credentials is a plus for this position.



Job Requirements:

· Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.

· Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

· Perform cyber defense trend analysis and reporting.

· Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

· Provide daily summary reports of network events and activity relevant to cyber defense practices.

· Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.

· Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.

· Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

· Analyze identified malicious activity to determine the weaknesses exploited, exploitation methods, and effects on systems and information.

· Determine tactics, techniques, and procedures (TTPs) for intrusion sets.

· Recommend computing environment vulnerability corrections.

· Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).

· Create and document procedures and work instructions for use by the SOC staff (Tier 1 through Tier 3).

· Train and mentor the Tier 1 and Tier 2 analysts as needed.

· Validate events/alerts received from all monitored security systems against network traffic using packet analysis tools.

· Reconstruct a malicious attack or activity based on network traffic.

· Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.

· Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency on the cyber defense threat condition and determine which security issues may have an impact on the enterprise.

· Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
