IT Security Analyst

About The Position

Requirements

• A degree in business or technology is preferred (associate’s or bachelor’s)
• 3-5 years of experience in IT security
• Experience with intrusion detection (IDS) and intrusion prevention (IPS) systems preferred
• Basic scripting (Python, PowerShell, Bash)
• Experience with vulnerability management
• Experience with network packet analysis
• Experience with log analysis and log management
• Experience with Cloud Security Management interfaces
• Experience with enterprise authentication systems, such as directory services or identity management platforms
• Experience with Incident handling and response preferred
• Strong working knowledge of Microsoft 365 tenant administrative interfaces
• Working knowledge of core cybersecurity concepts such as the CIA triad, encryption algorithms, and risk management processes
• Working knowledge of computer networking protocols including how traffic flows across a network
• Working knowledge of cybersecurity laws and regulations
• Working knowledge of cybersecurity threats, threat characteristics, and vulnerabilities, and threat hunting
• Ability to prioritize security requests according to urgency and established criteria
• Ability to organize information and alerts from multiple sources to create a holistic picture of cybersecurity threats
• General understanding of security frameworks (NIST, MITRE Attack) preferred
• Familiarity with the variations between IT and OT network environments
• Familiarity with adversarial TTPs
• Experience working on project teams and project management is preferred
• Demonstrate excellent communication (written, verbal and listening) and interpersonal skills
• Superior organizational skills and attention to detail
• Must possess a proven ability to deliver high-quality customer service
• Ability to triage and prioritize security related data quickly
• Ability to respond to work after hours and weekends as needed
• Requires sufficient personal mobility and physical reflexes, to permit the employee to function in a general office environment and accomplish tasks and duties as outlined above.

Responsibilities

• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Aid in the protection of the company's network and sensitive information using cyber defense tools for continual monitoring and analysis of systems to identify malicious activity including
• Identifying cyber threat tactics and methods
• Identifying and correcting gaps in the company’s cybersecurity posture
• Testing information systems for vulnerabilities
• Documenting and escalating incidents
• Analyzing network alerts from various sources within the enterprise and determining possible causes of such alerts
• Identifying and analyzing anomalies in network traffic or log data
• Monitoring risks and implementing cybersecurity systems to prevent attacks or breaches
• Responding to urgent cybersecurity events and incidents
• Reviewing events and incidents to understand root causes
• Monitoring reputation for hostile content directed towards organizational or partner interests
• Recommend procedures and/or changes to procedures necessary for good cyber hygiene
• Improve the overall cybersecurity posture of the organization’s systems
• Determine the operational and safety impacts of cybersecurity lapses
• Prepare threat and target briefings and situational updates
• Monitor threat activities and prepare threat activity reports
• Manage and report on adversarial activities