Job Description

Job Type: Contract

Contract length: 06 Months

Job Description:

• The IT Security Threat Analyst will be part of the threat operations and security monitoring team.
• They will have primary responsibility for working with cloud support teams, cybersecurity incident responders, threat hunters and security architects to design, implement, and support logging, monitoring, and alerting across multiple cloud platforms in the SIEM.
• The analyst will be working with administrators of the SIEM to produce data sets and alerts for each cloud tenant they support.
• These alerts will be actioned by the SOC and CSIRT teams.
• They will independently develop, maintain, and implement comprehensive information security monitoring programs including defining security policies, processes and standards for large and complex environments.
• Provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats.
• Lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members.

Essential functions:

• Participates in design, implementation, of logging and monitoring processes across various cloud environments
• Tracks and documents security issues and requests, actively monitors work queue.
• Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels
• Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security
• Maintains and creates operational procedures
• Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings
• Defines scope of operational initiatives and adjusts priorities to support workload
• Provides subject matter expertise, leadership, and guidance to work teams and end users on security policies, standards, procedures, and processes
• Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues
• Research solutions and work with vendors to enhance Security Monitoring Program
• Develops training content as needed
• Design, monitor, and build alerting capabilities for our systems and tools
• Correlates and analyzes threat data from various sources
• Independently conducts industry research and technical evaluation of all-sources and vendor supplied intelligence–with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures
• Subject matter expert in the detection and identification of cyberattack signatures, tactics, techniques, and procedures associated with advanced threats
• Leading assessments and development of cyber threat profiles of current events based on collection, research, and analysis of open-source information

Job Duties:

• In-depth knowledge of Information Technology field and computer systems
• Demonstrated organizational skills
• Demonstrated ability to adapt to change and collaborate as part of a team
• Ability to manage tasks independently without close supervision and take ownership of responsibilities
• Ability to learn from mistakes and apply constructive feedback to improve performance
• Must demonstrate initiative and effective independent decision-making skills
• Ability to communicate technical information clearly and articulately
• Must have an understanding of the systems development life cycle
• Must have advanced security knowledge of the organization’s existing platforms, systems, databases, and application security and are able to handle most regular issues independently
• Advanced analytical thinking, problem solving, quantitative analysis ability
• Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements
• Must have advanced proficiency with Active Directory groups and user accounts, Windows folder structures and folder security
• Proficiency with Windows skills are required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc.
• Any proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL, Oracle, etc. is a plus
• Works without daily supervision to meet customer expectations
• Experience using Agile methodology specific tools, languages and specialty skills may vary

Required Experience:

• 3+ years of related work experience working with Cloud technologies (Oracle, AWS, Azure, Google), preferably within Cloud security, logging, monitoring, and alerting
• 6+ years’ experience in IT Security or combination of IT related fields
• Bachelor’s degree or equivalent experience
• CISSP (or attainable with 6 months of employment) or CEH, CISM, etc.
• Hands on experience with security architecture, security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances tools, and controls with specific demonstrated experience in proactive detection of advanced cyberattacks and/or threats
• Proven success in information threat analysis and detection concepts and principles and impact
• Experience working and managing vendor performance and service level agreements
• Demonstrated success in regularly communicating highly complex technical information clearly and articulately for all levels and audiences.
• Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
• Ability to adapt to a rapidly changing IT Security landscape and quickly identify new trends and industry changes
• High critical thinking skills required to evaluate complex, multi-sourced security intelligence information, analyze, and confirm root cause, an independently identify mitigation alternatives and solutions that safeguard our technical environment.

Preferred Experience/ Qualifications

• Experience w/ Cloud logging, monitoring, and multi-provider security monitoring, including CASB
• Experience performing SIEM rule development
• Strong math and/or statistical analysis experience
• Strong knowledge of network communications
• Demonstrated success in detailed documentation
• General Physical Demands
• Exerting up to 10 pounds of force occasionally to move objects
• Jobs are sedentary if traversing activities are required only occasionally.

How to Apply

Job Types: Temporary.

118 total views, 0 today

Apply for this Job