IT Security Analyst
This position is extremely dynamic in the skills required and will require an IT Security Analyst to grasp the complexities and challenges of working for a fast-paced, fast-growing company. The candidate is responsible for monitoring security alerts from endpoints, servers, and network devices, responding to and remediating detected issues, and working with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operations teams to maintain a secure environment and to provide incident response capabilities.
- Perform daily reviews of different security systems and tools.
- Execute vulnerability response and incident response activities.
- Investigate, contain, and remediate abusive activities such as malware distribution, phishing attacks, intrusion attempts, DDoS, etc.
- Audit systems for secure configuration (users, central logging, etc.).
- Monitor system and network security with Security Information and Event Management (SIEM) tools.
- Implement and upgrade security measures and controls.
- Continuously review security bulletins and related news; stay apprised of current threats and trends.
- Participate in data and root cause analysis for each service-impacting incident, identifying all possible corrective actions for improvement.
- Create and maintain incident response playbooks.
- Work in partnership with other teams to improve defensive posture.
- Actively participate in Incident Response team meetings.
KNOWLEDGE, SKILLS, AND ABILITIES:
- Experience: 1 to 3 years in a Security Analyst/SOC position.
- Bachelor’s degree in Information Technology, Information Security, or related field.
- Experience in SIEM platform implementations and management.
- Ability to analyze endpoint, network, and application logs.
- Should be ready to work in a 24x7 environment.
- Manage day-to-day incident response alerts and events with EDR tools; awareness of attacker tactics and techniques.
- Experience analyzing, troubleshooting, and investigating information security incidents from a variety of reporting platforms such as IPS/IDS, DLP, SIEM, and vulnerability monitoring systems.
- Email security using tools such as Proofpoint/Mimecast/IronPort, utilizing SPF, DKIM, DMARC, and user impersonation protection.
- Knowledge of PKI, VPNs, Firewalls, IDS, TLS, and Incident Handling.
- Strong grasp of TCP/IP fundamentals and various operating systems.
- Must have exceptional verbal and written communicative skills.
- Must be able to fulfill periodic on-call responsibilities.
- Must be able to work constructively in a team environment.
NICE TO HAVE:
- Related Certification (Network+, Security+, SSCP, GCIH, GCFA).
- Working experience in a SaaS company.