Itar Security Monitoring Analyst
| Company | GeorgiaTEK Systems Inc. |
| Address | United States |
| Employment type | CONTRACTOR |
| Salary | |
| Category | IT Services and IT Consulting |
| Expires | 2023-05-08 |
| Posted at | 1 year ago |
POSITION 1: ITAR Security Monitoring Analyst (minimum Tier 2 for full incident analysis and triage)
Location – remote – Must be willing to work MST / CST
Duration – 6 months +
REQUIREMENTS:
US Person who can pass ITAR and DFARS vetting
Ability to conduct and document root cause analysis, including a timeline of the incident
Ability to effectively use Splunk and Splunk ES
3 years of experience as a cyber security analyst
Advanced knowledge of security concepts: A strong understanding of cybersecurity principles, such as encryption, authentication, and access control, as well as knowledge of different types of threats and attack vectors.
Analytical and problem-solving skills: Tier 2 analysts need to be able to analyze complex security issues, identify root causes, and develop effective solutions.
Incident response and handling: Experience with incident response processes and procedures, as well as an understanding of how to handle incidents, coordinate with other teams, and manage communications.
Threat hunting and intelligence: Skills in proactive threat hunting, analyzing threat intelligence feeds, and understanding the threat landscape.
Familiarity with security tools: Proficiency in using various security tools, such as Security Information and Event Management (SIEM), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Endpoint Detection and Response (EDR) solutions.
Nice to have:
Experience with the Linux command line and CLI tools for processing data
Experience with Carbon Black Live Response and live response triage techniques
Experience leading an incident
Experience creating incident response playbooks
Network and system administration skills: A deeper understanding of network protocols, system administration, and operating systems (e.g., Windows, Linux, macOS) is essential for analyzing and resolving security incidents.
Vulnerability assessment and management: Knowledge of how to identify, assess, and prioritize vulnerabilities, as well as experience with vulnerability scanning tools and patch management.
Scripting and automation: Knowledge of scripting languages (e.g., Python, PowerShell, bash).
Some of the qualifications and duties are:
Review alerts and necessary event logs including Carbon Black, Windows Event, Sysmon CLI, Palo Alto FW, Zscaler, Proofpoint, DNS, Live Response logs, and others
Evaluate possible cyberattacks, insider threat, or internal breaches
Determine the validity (True or False positive) and scope of a threat
Extract IOCs from an incident
Review threat intel and identify the TTPs associated with those IOCs, then expand the analysis to cover the new TTPs and IOCs/IOAs found in that threat intel
Suggest remediation tactics such as EDR, firewall, email, or other mitigations
An incident responder can remediate many cyberthreats but may escalate some threats to Tier 3 (SecOps Engineering).