Cyber Security Analyst
6AM City
- Seattle, Washington, United States
- Seattle, Washington, United States
Über
U.S. Citizens Top Three Skills
3+ years Experience working with SIEM tools (Splunk preferred but not a must have)
Experience working with Endpoint Protection tools (Tanium a plus but not a must have)
Someone who has knowledge of troubleshooting infrastructure either as a systems or network admin
Responsibilities The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats.
Principal Responsibilities
Analyze and investigate ticketed events using various logs including firewalls, IDS/IPS, proxies, servers, endpoints and other network devices in an enterprise security information and event monitoring (SIEM).
Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.
Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.
Rotational, after-hours operational support (on-call)
Perform other duties as assigned
Experience / Qualifications
Minimum 3 years working in Security Operations or Incident Response required.
Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management.
Capability to think and operate independently and in a team environment with minimal supervision.
Proactive and results driven mindset.
Strong process orientation and ability to develop and follow standard work; attention to detail.
Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment.
Proven ability to troubleshoot and solve technical issues.
Candidate must have technical experience in the following areas:
Technical Experience Required
Splunk or other SIEM.
Network analysis using tcpdump, Wireshark or other packet capture/inspection tools.
Searching, interpreting and working with data from enterprise logging systems including syslog, netflow and SIEM/SEIM platforms.
Scripting languages such as Python and PowerShell.
Malware sandboxes.
Windows, macOS, and Linux operating systems.
Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium.
Systems or network architecture.
Collection and management of threat intelligence.
Host based forensics using EnCase, FTK or other digital forensics tools.
Education Bachelor or Master’s degree in Computer Science/Engineering, Information Systems or related field with a minimum of 5 years experience.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.