IT Cyber security Analyst

NC, Raleigh

Company Name :IBA Infotech LLC

Type : Contract

Primary Skills : DOE

Location : NC

CTC : CCNA Cyber Ops, GCIA, GCIH, CEH, CySA+, OSCP

Job Description:

Job Responsibilities

  • Perform incident response, with a primary focus of eliminating the threat to the network and determining the cause of the security incident while preserving evidence for further analysis
  • Ensure incidents are handled in a manner that is consistent with established playbooks
  • Monitor SIEM and logging for alerts of potential network threats, intrusions, and/or compromises
  • Understand the global threat environment and general security best practices
  • Assist with triage of service requests from automated sensors and internal requests for assistance
  • Participate in active cyber hunting to identify and eliminate known and unknown network threats
  • Interface with technical personnel from various disciplines to rapidly resolve critical issues
  • Appropriately inform and advise the leadership of incidents and propose effective response and/or countermeasures for containment.
  • Participate in knowledge sharing with other security engineers and partners.
  • Identify, document, and recommend new or revised incident response playbooks
  • Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission
  • Create and drive action plans to address recurring or ongoing information security incidents.
  • Develop and maintain reporting metrics used to measure team performance; ensure analyst adherence to processes and procedures for operational consistency; identify process improvements; and coach, train, and support the professional development of the staff.
  • Participate in the planning and implementation of information security technology projects. Serve as point-person and subject matter expert for issues and projects related to Cyber Security Counter Threat Operations.
  • Collaborate as appropriate with leadership and other key stakeholders

Required:

  • Knowledge of industry-recognized analysis frameworks (Kill Chain, Diamond Model, MITRE ATT&CK, NIST Incident Response, etc.) and thorough understanding of fundamental security and network concepts
  • 1-3 years' work experience as a security analyst or similar role with the ability to lead shift for the Security Operations Center
  • Ability to demonstrate triage and investigations utilizing multiple security sensors including documentation and debriefing of incidents.

Preferred:

  • Experience with network monitoring in a SOC environment
  • BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience
  • Security certifications (e.g. Security+, CCNA Cyber Ops, GCIA, GCIH, CEH, CySA+, OSCP, etc.)
  • Experience and knowledge conducting cyber threat analysis originating from phishing emails
  • Previous experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
  • Development experience in one or more of the following: C+, Python, PS, Bash, or Java