Security Analyst (remote option)

About The Position

Requirements

• Experience working as a security analyst in an environment utilizing a Managed Security Services Provider (MSSP) (4+ years)
• Experience with Security Information & Event Management (SIEM) or other log management systems for event collection, log management, and identity monitoring
• Experience with research and analysis of log sources utilized for security monitoring
• Experience configuring and monitoring IDS/IPS, log collectors, firewalls, load balancers, web gateways, and other network traffic physical and virtual appliances
• Experience with endpoint deployment solutions (e.g., SCCM, Altiris, KACE, Ivanti) for security product installation and telemetry gathering across varying OS environments
• Experience with Microsoft Active Directory on-premises and Azure (hybrid) administration, including account provisioning, enable/disable/reset, and management of Organizational Units and Groups
• Experience with Multi-Factor Authentication (MFA) and smartphone-based authentication tools
• Experience with Secureworks as the Managed Security Services Provider (MSSP)

Responsibilities

• Act as primary liaison for daily operations between the Department and its Managed Security Services Provider (MSSP)
• Perform advanced-level analysis of security events and incidents reported by the MSSP and other monitoring platforms
• Conduct computer incident response within MSSP scope and assist with incidents from outside MSSP scope
• Assist with continuous integration of all relevant data sources and systems into SIEM, SOAR, and MSSP solutions
• Deploy and monitor MSSP-specific and non-MSSP endpoint agents across multiple physical and virtual IT platforms
• Assist with identification and integration of all information security-related logs with the MSSP and Security Administration Team
• Provide management with status reports on project goals and assist with reviewing security policies and processes