Cybersecurity Operations Analyst (CSSP)

COLSA Corporation•Huntsville, AL

About The Position

Performs system monitoring and analysis support for the detection of cyber incidents and provides recommendations on how to correct findings. Analyzes network data using packet capture analysis, network flow analysis, as well as Cloud Logs to identify and report on potential security incidents. Assists customers with remediation of a wide range of cybersecurity issues including vulnerabilities, misconfigurations, cyber incidents, and non-compliance. Provides analysis, recommendations, and verification to achieve acceptable mitigation of security incidents. Generates and publishes monthly reports providing customers with a summary of their cyber security posture as well as tracking customers with consistent issues. Conducts daily review of open vulnerabilities using both Network and Endpoint based security solutions, reporting on high risk findings and tracking mitigation efforts until resolved. Enforces endpoint quarantine policies on extremely high risk devices using Endpoint Security Solution. Assists customers in preparing for upcoming cyber security posture assessments by providing overview of topics covered by assessment, and coordinating with customer and other operational teams to mitigate potential high risk findings observed on the site's network. May interface with external entities (e.g. law enforcement, intelligence/government agencies, etc.). At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits.

Requirements

System monitoring and analysis support for cyber incident detection.
Packet capture analysis.
Network flow analysis.
Cloud Logs analysis.
Remediation of cybersecurity issues (vulnerabilities, misconfigurations, cyber incidents, non-compliance).
Analysis, recommendations, and verification for security incident mitigation.
Daily review of open vulnerabilities using Network and Endpoint security solutions.
Reporting on high-risk findings and tracking mitigation efforts.
Enforcement of endpoint quarantine policies.
Assistance with preparing for cyber security posture assessments.
Coordination with customers and operational teams.
Interface with external entities (law enforcement, intelligence/government agencies, etc.).

Responsibilities

Analyzes network data using packet capture analysis, network flow analysis, as well as Cloud Logs to identify and report on potential security incidents.
Assists customers with remediation of a wide range of cybersecurity issues including vulnerabilities, misconfigurations, cyber incidents, and non-compliance.
Provides analysis, recommendations, and verification to achieve acceptable mitigation of security incidents.
Generates and publishes monthly reports providing customers with a summary of their cyber security posture as well as tracking customers with consistent issues.
Conducts daily review of open vulnerabilities using both Network and Endpoint based security solutions, reporting on high risk findings and tracking mitigation efforts until resolved.
Enforces endpoint quarantine policies on extremely high risk devices using Endpoint Security Solution.
Assists customers in preparing for upcoming cyber security posture assessments by providing overview of topics covered by assessment, and coordinating with customer and other operational teams to mitigate potential high risk findings observed on the site's network.
May interface with external entities (e.g. law enforcement, intelligence/government agencies, etc.).