Delan Associates, Inc. · posted 3 months ago
Full-time • Entry Level
Lemont, IL
101-250 employees

The Cybersecurity Analyst will continuously monitor and triage alerts and tickets, investigate suspicious activity and poor configurations, and orchestrate responses to protect the laboratory's systems and data. Typical tasks include resetting user passwords for cause, working with service owners to reset service account passwords, ensuring authorizers are designated for in-scope accounts, analyzing account usage patterns, reviewing approval requests for new access or accounts, triaging unusual access requests and phishing reports, evaluating endpoint detection and response (EDR) installation and coverage, identifying systems without EDR, monitoring the external attack surface for unapproved systems, and reviewing systems with existing public access. The candidate will be expected to use a variety of tools including ServiceNow, CrowdStrike, and Splunk.
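As an added illustration of the "identify systems without EDR" task described above (this is example code written for this page, not code from the posting or the employer), the script below reconciles an asset-inventory export against an EDR sensor roster and produces a per-owner remediation list. The inventory rows, the sensor rows, the field names, the 7-day staleness window and the "embedded" unmanaged-OS exception are all constructed assumptions; in practice the two inputs would be a CMDB export (for example from ServiceNow) and a hosts export from the EDR console (for example CrowdStrike). The point it makes that the task description does not: hostnames rarely match verbatim across systems (case, FQDN vs. short name), and a sensor that is installed but has stopped checking in is a gap too.

```python
"""Reconcile an asset inventory with an EDR sensor roster to find coverage gaps.

Added example for this page; not from the posting or the employer.
All data below is constructed, and every field name is an assumption.
"""
from datetime import datetime, timedelta, timezone

# Constructed asset inventory (what a CMDB export might look like).
INVENTORY = [
    {"hostname": "ws-0142.lab.example.gov", "owner": "it-desktops", "os": "Windows 11"},
    {"hostname": "BLD-SRV-07", "owner": "facilities", "os": "Windows Server 2019"},
    {"hostname": "hpc-login2.lab.example.gov", "owner": "hpc-team", "os": "RHEL 8"},
    {"hostname": "printer-3f-east", "owner": "facilities", "os": "embedded"},
    {"hostname": "ws-0199.lab.example.gov", "owner": "it-desktops", "os": "macOS 14"},
]

# Constructed EDR roster (what a sensor/host export might look like).
# Note the deliberate mismatches: case differs, and one side uses FQDNs.
EDR_HOSTS = [
    {"hostname": "WS-0142", "last_seen": "2024-05-20T14:03:00Z"},
    {"hostname": "bld-srv-07.lab.example.gov", "last_seen": "2024-03-01T08:11:00Z"},
    {"hostname": "ws-0199", "last_seen": "2024-05-20T13:59:00Z"},
]

# Assumptions: the "current" time for the run, how long a sensor may be silent
# before it counts as a gap, and OS families that cannot run a sensor at all.
NOW = datetime(2024, 5, 20, 15, 0, tzinfo=timezone.utc)
STALE_AFTER = timedelta(days=7)
UNMANAGED_OS = {"embedded"}


def normalize(hostname: str) -> str:
    """Reduce a hostname to its lowercase short form so that 'WS-0142' and
    'ws-0142.lab.example.gov' compare equal."""
    return hostname.strip().lower().split(".")[0]


def parse_ts(value: str) -> datetime:
    """Parse an ISO-8601 timestamp with a trailing 'Z' into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def edr_coverage(inventory, edr_hosts, now=NOW, stale_after=STALE_AFTER):
    """Return {'missing': [...], 'stale': [...]} for inventoried hosts.

    missing: host is in inventory but has no sensor record at all.
    stale:   host has a sensor record whose last check-in is older than stale_after.
    Hosts whose OS cannot run a sensor are skipped rather than reported as gaps;
    they belong on an exception list, not a remediation ticket.
    """
    last_seen = {normalize(h["hostname"]): parse_ts(h["last_seen"]) for h in edr_hosts}
    missing, stale = [], []
    for asset in inventory:
        if asset["os"] in UNMANAGED_OS:
            continue
        seen = last_seen.get(normalize(asset["hostname"]))
        if seen is None:
            missing.append(asset)
        elif now - seen > stale_after:
            stale.append({**asset, "last_seen": seen.isoformat()})
    return {"missing": missing, "stale": stale}


def remediation_tickets(report):
    """Group gaps by system owner so each IT team receives one actionable list."""
    tickets = {}
    for asset in report["missing"]:
        tickets.setdefault(asset["owner"], []).append(
            f'{asset["hostname"]} (no EDR sensor)')
    for asset in report["stale"]:
        tickets.setdefault(asset["owner"], []).append(
            f'{asset["hostname"]} (sensor last seen {asset["last_seen"]})')
    return tickets


if __name__ == "__main__":
    for owner, items in remediation_tickets(edr_coverage(INVENTORY, EDR_HOSTS)).items():
        print(f"{owner}:")
        for line in items:
            print(f"  - {line}")
```

Two design choices are worth keeping when adapting this to real exports: the matching key is a normalized short hostname rather than the raw string, because a naive string comparison would have reported both `ws-0142` and `bld-srv-07` as missing; and a stale sensor is reported separately from a missing one, since the remediation differs (reinstall or fix connectivity versus a fresh deployment).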

  • Continuously monitor and triage alerts and tickets.
  • Investigate suspicious activity or poor configurations.
  • Orchestrate responses to protect the laboratory's systems and data.
  • Reset user passwords for cause.
  • Work with service owners to reset service account passwords.
  • Ensure authorizers are designated for in-scope accounts.
  • Analyze usage patterns for accounts to identify inactive accounts or inappropriate account use.
  • Review approval requests for various new access or accounts.
  • Triage unusual access requests or phishing reports.
  • Evaluate endpoint detection and response (EDR) installation and coverage.
  • Identify systems without EDR and provide to IT teams for remediation.
  • Monitor external attack surface for unapproved systems and vulnerabilities.
  • Review systems with existing public access to ensure compliance.
  • Attend online/Teams meetings with team and others as appropriate.
  • Provide status on current tasks, suggest improvements, and discuss implementation.
  • 1-3 years in a SOC, cybersecurity 'blue team', or closely related role.
  • Strong grasp of TCP/IP, OSI model, and common protocols (HTTP, DNS, SMTP).
  • Windows/Linux/macOS fundamentals; Active Directory/Azure AD concepts; basic cloud logging.
  • Experience with at least one SIEM and one EDR/XDR platform.
  • Experience with ticketing/case management.
  • Ability to craft queries using common languages; comfort with regex, JSON and APIs; basic scripting in Python/PowerShell/Bash.
  • Excellent analytical, problem-solving, and communication skills.
  • 3-5 years relevant experience including investigations, data analysis, and detection tuning.
  • Comfort using Splunk Processing Language (SPL), CrowdStrike EDR, and ServiceNow.
  • Experience with SOAR tools and automation development.
  • Experience using identity security/management tools.
  • Cloud security experience.
  • Basic forensics skills and network analysis fundamentals.
  • Understanding of the Cybersecurity Framework (CSF) and NIST 800-53 controls.
  • Relevant certifications such as CompTIA Security+, CySA+, SSCP; Microsoft SC-200/AZ-500; Splunk Core/Enterprise Security; GIAC certifications.
  • Government-furnished laptop, PIV Card, and PIV Card reader.
  • Remote work flexibility.
  • Potential for a flexible work schedule.
© 2024 Teal Labs, Inc