| Looking for Security Analyst 3 Fully Remote role at Remote, Remote, USA |
| Email: [email protected] |
|
Processing description: http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=2059992&uid= From: Sushmita Soni, Sonitalent [email protected] Reply to: [email protected] Hi Hope you are doing well, We are looking for Security Analyst 3 if you are interested kindly send me your updated resume. Job Title: Security Analyst 3 Location: Fully Remote (Only candidates in CST, EST, MST) Duration of project: 12 months Required visa: or only W2 Only Required: Perfect communication Use Kusto Query Language (KQL) to run regular queries for detecting patterns and anomalies. Skilled with Microsoft Sentinel and Azure Security Center. Skilled with Defender for Endpoint, Defender for Identity, Defender for Cloud Monitor security events and alerts across the Microsoft Unified Security Platform and conduct investigation, containment, and remediation of complex security incidents, including provide root cause analysis and deliver detailed incident reports with remediation recommendations. Forensic investigation, malware analysis, and memory forensics. Incident detection and response workflows. Automation with Power and Azure Logic Apps. Understanding of security frameworks, including MITRE ATT&CK and NIST 5+ years cybersecurity, 3+ years SOC operations. Certifications (Preferred): Microsoft Certified: Security Operations Analyst Associate Certified Information Systems Security Professional (CISSP) or similar. Certified Incident Handler (GCIH) or similar. Job Summary: The Senior Security Analyst is responsible for monitoring, analyzing, and responding to security threats across a comprehensive security infrastructure. This includes utilizing tools such as Microsoft Sentinel, Defender for Endpoint, Defender for Identity, Defender for Cloud, and Azure Security Center. This role involves leveraging the Unified Security Platform to ensure the protection of the organization's information systems and data. Key Responsibilities: Proactively monitor security events and alerts across the Microsoft Unified Security Platform and conduct investigation, containment, and remediation of complex security incidents, including provide root cause analysis and deliver detailed incident reports with remediation recommendations. Use Kusto Query Language (KQL) to run regular queries for detecting patterns and anomalies. Utilize analytics to identify unusual behavior and potential threats, including user and entity behavior analytics (UEBA) using Sentinel. Correlate alerts from different sources to identify multi-stage attacks. Regularly review and optimize threat hunting processes to identify and address hidden risks. Leverage data sources such as network, endpoint, and cloud activity logs in Sentinel to create workbooks and dashboards for real-time monitoring. Additionally, automate responses to alerts using playbooks. Conduct in-depth log analysis and enrichment to improve event visibility and detection. Perform real-time threat hunting using MITRE ATT&CK tactics and techniques. Monitor the effectiveness of endpoint protection policies within Microsoft Defender for Endpoint. Analyze alerts for false positives/negatives and improve detection accuracy by tuning detection logic. Conduct periodic reviews of user activity and behavioral analytics to detect insider threats or compromised accounts. Stay updated on emerging threats and vulnerabilities, applying intelligence to enhance detection capabilities. Coordinate with internal and external stakeholders to handle critical incidents effectively. Utilize Microsoft Sentinel's threat intelligence feeds for real-time detection of emerging threats. Mentor and train junior SOC analysts on Microsoft security tools, techniques, and best practices. Lead threat simulation exercises and red team/blue team drills to assess SOC readiness. Assist in creating and updating SOC documentation, including detection rules, runbooks, and workflows. Create and manage incident response playbooks using Logic Apps for automated actions. Provide recommendations for maturing SOC capabilities, leveraging Microsoft solutions. Qualifications and Skills: Technical Skills: Experience in Microsoft Unified Security Platform: Microsoft Sentinel (SIEM) Microsoft Defender for Endpoint, Identity, and Cloud Azure Security Center and related tools. Experience with KQL (Kusto Query Language) for advanced log and data analysis. Experience with forensic investigation, malware analysis, and memory forensics. In-depth knowledge of incident detection and response workflows. Familiarity with automation tools like Power and Azure Logic Apps. Strong understanding of security frameworks, including MITRE ATT&CK and NIST Soft Skills: Strong analytical and problem-solving abilities. Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. Leadership and mentoring capabilities. Professional Experience: 5+ years of experience in cybersecurity, with at least 3 years specializing in SOC operations. Proven expertise in using Microsoft security tools to handle complex security challenges. Certifications (Preferred): Microsoft Certified: Security Operations Analyst Associate Certified Information Systems Security Professional (CISSP) or similar. Certified Incident Handler (GCIH) or similar. Thanks & Regards Sushmita Soni Sr. Technical Recruiter | SoniTalent Corp. Desk | 859-659-1004 EXT 201 [email protected] Address - 5404 Merribrook Lane, Prospect, KY, USA Keywords: card wtwo Kentucky Looking for Security Analyst 3 Fully Remote role [email protected] http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=2059992&uid= |
| [email protected] View All |
| 04:00 AM 08-Jan-25 |