Cybersecurity Analyst

United States (Remote) | 5 - 8 years experience

Designation : Cybersecurity Analyst

Salary : Best in Industry

Experience : 5 - 8 years

Joining : Immediate/15 days

Location : United States (Remote)

Job Description

As the world around us becomes more connected and more digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks. The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape. Are you passionate about keeping good people safe from bad actors? We are too!

Experience :

  1. Experience across threat hunting/ compromise assessments
  2. Parsing logs in the SIEM (Sentinel) solution and keeping it functional by ensuring that all relevant log sources are actively parsed
  3. Security event correlation, using events received from Level 2 Security Operations or Incident Response staff or other relevant sources, to determine whether risk has increased
  4. Support the annual penetration testing by ensuring that our pen test consultants can log into our environment and maneuver through it
  5. 5 to 8 years’ experience in Cyber Forensics, Cyber Defense and Threat Intelligence

Responsibilities :

  1. Analyze security events from endpoints (Windows, Mac, Linux), Network IDS, Web-proxies, Mail-gateways, Active Directory infrastructure.
  2. Perform event correlation analysis on potential threats identified through a SIEM tool.
  3. Investigate anomalies observed within the network and remediate network and systems outages.
  4. Detect and investigate information security incidents.
  5. Propose Incident response actions and remediation plan.
  6. Identify potential attack vectors and develop detection methods for these attacks using existing technological solutions.
  7. Adjust detection logic to fit customer needs (filter out false positives, customize correlation rules).
  8. Communicate with customers regarding detected incidents and suspicious activities.

Skills and Qualification:

  1. SIEM - Splunk /QRadar/Sentinel Certification.
  2. Must have technical working knowledge of SIEM, EDR, antimalware, penetration testing, vulnerability scans, ACLs, and IDS/IPS concepts.
  3. CEH/OSCP/CISSP/CISM and other relevant certifications.