Specialist – Security Analyst
Job Description –
We're looking for a dynamic and experienced Security Analyst to be part of a new SOC function within our Corporate Security Organization. Working with the Security Team, the SOC will deliver strong incident response capabilities, provide oversight of technical controls, and assist with continual service improvement.
Essential Duties and Responsibilities:
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Isolate and remove malware.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Provide daily summary reports of network events and activity relevant to cyber defense practices.
- Receive and analyze network alerts from various sources and determine possible causes of such alerts.
- Notify designated managers and cyber incident responders, and articulate the event's history, status, and potential impact for further action, in accordance with the organization's incident response plan.
- Analyze and report system security posture trends.
- Assess the adequacy of access controls based on the principles of least privilege and need-to-know.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance issues.
Knowledge:
- Computer networking concepts and protocols, and network security methodologies.
- Cyber threats and vulnerabilities.
- Authentication, authorization, and access control methods.
- Cryptography and cryptographic key management concepts.
- Incident response and handling methodologies.
- Network traffic analysis methods.
- Key concepts in security management (e.g., Release Management, Patch Management).
- Network tools (e.g., ping, traceroute, nslookup).
- Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Encryption methodologies.
- Windows/Unix ports and services.
- Personally Identifiable Information (PII) data security standards.
- Systems security testing and evaluation methods.
- Network mapping and recreating network topologies.
- Packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- Operating system command-line tools.
Skills and Experience:
- Skill in using incident handling methodologies.
- Skill in collecting data from a variety of cyber defense resources.
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
- Skill in performing packet-level analysis.
- Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning).
- Experience in conducting trend analysis.
- Experience analyzing malware.
- Experience conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Experience detecting host and network-based intrusions using intrusion detection technologies.
- Experience interpreting the information collected by network tools (e.g., nslookup, ping, and traceroute).
- Experience with SIEM.
NICE is committed to providing an environment based on equal opportunity for all qualified applicants and employees. It is the policy of NICE to afford equal employment opportunities to qualified individuals, regardless of age, race, color, creed, religion, citizenship, ancestry, national origin, sex, gender, pregnancy, mental or physical disability, marital status, veteran status, service in the Armed Forces, sexual or affectional orientation, atypical hereditary cellular or blood traits, genetic information, status as a victim of domestic or sexual violence, and/or any other status protected by any applicable federal, state and/or local statute or regulation.