Threat And Incident Management Analyst

Job: Threat and Incident Management Analyst
Location: REMOTE
Duration: 6 Month contract
About The Opportunity
currently looking for a Threat and Incident Management Analyst for one of ourclients. Our client requires a Threat and Incident Management Analyst to support the objective to accelerate the design, delivery, and operations of a Threat Management Program. This is a 6-month remote opportunity.
Responsibilities
Provide day to day and hands-on support for the following domains:
Incident Response Management
Threat Detection
Threat Intel Management
Dark Web Intel Management
24x7 Monitoring (SVIC partnership/India)
Threat Informed Defense
Insider Threat
Security Orchestration, Automation, and Response
Forensics
Crisis Response Coordination
Participate in On-Call Rotation, Monitoring and Investigation
Perform threat hunting exercises either from SIEM alerts or as scheduled during normal SOC operations
Leverage reporting from security tools (including SIEM) to identify, respond and react to potential issues and incidents
Assist in threat incident triage to rate the risk and impact of the potential threat
Communicate the severity of the threat and recommendations for remediation to the customer and other cyber security personnel through written and verbal communications
Follow processes and procedures to analyze, escalate, and assist in remediation of critical information security incidents
Configure and monitor Security Information and Event Management (SIEM) platform for enhanced security alerts
Serve as the initial point of contact for users
Scan and monitor system vulnerabilities on servers and infrastructure devices using a Threat and Vulnerability security solution
Provide strategic and tactical direction and consultation on information security and compliance. Participate in security planning and analyst activities
Troubleshoot security devices
Required Skills
Must reside in the US
Must be willing to work as part of on-call rotation, monitoring and investigation
Experience with logging and monitoring aggregation and correlation experience (SIEM)
1 4 years of experience in cyber security operations threat monitoring, detection and response for large enterprises
Working knowledge of SIEM tools and technologies
Capable of working independently and involving senior analysts as necessary
Understanding of Batch File and Shell Scripting
Understand of TCP/IP and networking protocols
Understanding of SFTP connectivity
Understanding of threat analysis and malware detonation for testing purposes
Understanding of file and communications encryption technologies
SIEM rule tuning
Understanding of SMTP and email-based communications
Experience with IP networking, networking protocols, IPSec, PKI, VPN's, firewalls, proxy services, DNS, email, and access lists
Experience with industry information security control frameworks such as Payment Card Industry (PCI) Data Security Standards (DSS) and Fed RAMP
Excellent analytical skills
Knowledge of existing and emerging security applications
Collaborative team worker both in person and virtually using MS Teams or similar
Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint
Ability to work as liaison between business and information security / information technology
Flexibility to accommodate working across different time zones
Excellent interpersonal communication skills with strong spoken and written English
Business outcomes mindset
Solid balance of strategic thinking with detail orientation
Self-starter, ability to take initiative
Project management and organizational skills with attention to detail
Required Education
Bachelor's degree or equivalent experience in Computer Science.
Preferred Education
Cybersecurity certifications such as CISSP, CISM, etc.