Immediate Job Opening For "Cyber Security Analyst" at Remote, Remote, USA
Email: [email protected]
From: Deepika, Teamware Solutions [email protected]
Reply to: [email protected]

Job Role: Cyber Security Analyst
Location: Midland, MI (Day 1 Onsite)
Duration: 12+ Months

REQUIRED TECHNICAL SKILL SET:
IBM QRadar/QRoC, MS Sentinel, Carbon Black/Bit9, Microsoft Cloud App Security (MCAS), Office 365, Windows Defender, Symantec Endpoint Protection, ProofPoint Threat Response, ServiceNow.

MUST HAVE SKILLS:
- At least 2-3 years of experience in IT security, security intelligence analysis or a related security field is desired.
- Experience using SIEM tools such as IBM QRadar/QRoC, MS Sentinel and Splunk.
- Experience with other security tools such as Carbon Black/Bit9, Microsoft Cloud App Security (MCAS), Office 365, Windows Defender, Symantec Endpoint Protection, ProofPoint Threat Response and ServiceNow.
- Intermediate expertise across Microsoft Office product suites.
- Thorough understanding of Email/O365 and defense mechanisms against phishing attempts.
- Beginner to Intermediate expertise across security domains, e.g. Architecture and Engineering, Application Security, Web and Mobile Security, Infrastructure Security, Access Management, Threat and Vulnerability Management, Security Monitoring, Incident Response, and Cloud Security.

GOOD TO HAVE:
- Experience in implementing, maintaining and administering QRadar and/or MS Sentinel at an enterprise level.
- Experience working with vulnerability management products/suites.
- Good understanding of networks, networking concepts/devices and overall IT infrastructure.

SN ESSENTIAL SKILLS:
- Monitor, analyze, triage and escalate security events from the incident response queue.
- Document incidents in the Incident Management System.
- Identify ways to mitigate future risk to the Laboratory (e.g. request blocks or other countermeasures).
- Prepare a summary of events to provide at shift turn-over to maintain continuity of operations.
- Monitor, analyze, and triage security infrastructure system alerts and logs to ensure proper operational efficiency. These include Intrusion Prevention Systems, Anti-Virus, Web Proxy Systems, Full Packet Capture, Online and Offline Malware Analysis Systems and SIEM platforms.
- Monitor performance metrics and log data for continuous improvement and tuning to match current threats.
- Update rule-sets/policy on infrastructure systems to support overall Laboratory defensive systems.
- Maintain and update documentation, including standard operating procedures.
- Identify, implement or request solutions (e.g. blocks) to mitigate future risk to the Laboratory.
- Research current malicious cyber activity at large.
- Research how vulnerabilities are being exploited and which software is affected.
- Proactively identify opportunities to mitigate potential threats based on research.
- Proactively identify patterns within device and server logs based on research to identify systems of interest through log analysis.
- Monitor various security alerts to identify potential incidents, network intrusions, virus and malware events, etc.
- Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating.
- Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other security threat data sources.
Wed Jan 10 21:51:00 UTC 2024