(100% Remote) Cybersecurity Analyst || Threat Detection and Response || Palo Alto SIEM at Alto, Texas, USA
Email: [email protected]
From: Akhilesh, DMS VISIONS [email protected]
Reply to: [email protected]

Hi,

Hope you are doing well. This is a contract position; please share your updated resume, or your consultant's, if the profile matches this requirement.

Title: Cybersecurity Analyst - Threat Detection and Response (Remote)
Duration: 6+ months
Location: Remote
Visa: open
Note: Candidates must have specific Palo Alto SIEM experience. At least 2 years, no exceptions.

Job Summary

As a Threat Detection and Response Analyst, you will lead the implementation of security solutions for our clients and support their desire to protect the business. You will work with a connected team of specialists, helping our clients with their most complex information security needs and contributing toward their business resilience. You will work with Advanced Security Centers and use the most sophisticated tools available to fight against cybercrime.

Duties and Responsibilities

In this role, you should possess diverse industry knowledge, along with unique technical expertise and specialized skills.
- Responsible for understanding and interpreting event discovery and incident response activities
- Full-spectrum incident response support, including event discovery, alert notification, investigation, facilitation of containment, resolution facilitation, and event reporting
- Supervise tier-1/2 analysts in resolving issues and troubleshooting connection and technology issues
- Understanding the how, when, where, and why of the incident threat
- Perform mitigation activities for current and residual risk
- Assist with project planning and identification of mitigation activities
- Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production downtime
- Maintain a professional, communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
- Coordinate and drive efforts among multiple business units during response activities and post-mortem
- Proactive monitoring of internal and external-facing environments using specialized security applications
- Provide timely, comprehensive, and accurate information in both written and verbal communications
- Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems, and intellectual property
- Lead and mentor other staff members on incident response, analysis, and tools
- Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response, and provide comprehensive mitigation of threats
- Participate in an after-hours on-call rotation when required

Requirements and Qualifications

Expertise and/or relevant experience in the following areas are mandatory:
- At least 3 years in Information Security, especially in a security operations and vulnerability discovery OR information operations/incident role
- At least 2 years of experience and working knowledge of Palo Alto Networks SIEM / XSIAM
- Palo Alto Networks Security Certification required
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations, etc.
- Proven experience performing analysis of security events and incidents to determine root cause and provide a resolution
- Strong working knowledge of at least three of the following security tools:
  o host-based antivirus and anti-spam gateway solutions
  o firewalls, IDS/IPS, server and network device hardening
  o data loss prevention and forensics software
  o vulnerability management and website security
- Competence in using both internal and external ticketing systems for ITIL-based incident, problem, and change management
- Experience with utilizing security tools software such as Splunk, LogRhythm, CarbonBlack, Fidelis, and ServiceNow

Expertise and/or relevant experience in the following areas are also desirable:
- Additional certifications and training are preferred in the following areas:
  o Network Security (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates)
  o Project Management and Quality Management (ITIL, Six Sigma, TQM, etc.)
- Ability to mesh sound technical and security practices to problem-solving
- Detailed knowledge of applicable security tools, technologies, and trends

Thank you
[email protected]
Direct: 972-645-0322, Ext: 110
DMS Visions, INC

Keywords: cprogramm
Thu Feb 08 03:19:00 UTC 2024