Security Analyst

About The Position

Requirements

• 2-4 years of related experience in a Network support and or Network operations role; or any combination of education and experience, which would provide an equivalent background.
• Background in networking or security to include intrusion detection/prevention.
• Excellent written, verbal communication and organizational skills.
• Knowledge and experience with PC’s, LAN topologies, routers, hubs, switches, and terminal servers.
• Knowledge of security applications such as IDS, IPS, SEM, SIEM and anomaly detection tools.
• Knowledge of trouble ticketing systems or CRM systems.
• Understanding of the operation of test and analysis equipment such as protocol analyzers, LAN/WAN Sniffers, etc.
• Ability to read and interpret network diagrams.
• Ability to read and understand packet captures.
• Basic understanding of the OSI model
• Strong interpersonal and user service skills.
• Knowledge of Unix and Windows Operating Systems.
• Experience with processes in functional area (i.e., trouble management, fault management, and incident management).
• Understanding of network management concepts and software, including SNMP

Nice To Haves

• Security +, SSCP and other technical security certifications (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications)

Responsibilities

• Perform the detailed and repeatable execution of all operational tasks as documented in SOC processes and subordinate procedures.
• Monitor the SOC main event tools for security events.
• Close or escalate security events as necessary.
• Update all relevant documentation such as shift logs and tickets, procedures.
• Identify impact of incidents on systems, and using available tools determine if data was infiltrated.
• Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.
• Serve as work area experts for security/information assurance policy recommendations.
• Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations.
• Escalate incidents to applicable Bulletproof entities and or Bulletproof Customers for remediation.
• Build relationships with other Bulletproof operations units to strengthen customer security posture.
• Ensure security events and incidents are detected and escalated in a timely manner.
• Provide analysis and investigation to determine if alerts or security events warrant incident classification.
• Track incidents through to final resolution.
• Perform incident triage to include determining scope, urgency, and potential impact.
• Drive the Information Fusion Procedure where various data inputs are gathered, analyzed and presented in a meaningful, actionable manner.
• Responsible for long term analysis and investigation into our customer’s network activity, and the creation of custom logic to detect unique or previously undetectable attacks on our customer information assets.

Benefits

• Comprehensive Health, Dental, and Vision Insurance
• Optional Health
• 100% Employer Paid Health and Dental Plan
• Vacation Time
• 401k Plan
• Annual Discretionary Bonus
• Anniversary Reward Bonus
• Educational Assistance Program
• Additional Mental Health Benefits through our Employee Assistance Program