Sr. Cybersecurity Analyst
Our client, an international consulting company, has asked Select Cyber to find a Sr. Cybersecurity Analyst. This role will be working with a great team in order to do the following-
The Sr. Cybersecurity Analyst will:
- Maintain situational awareness of cyber activity by reviewing open source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization.
- Perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS, and custom sensor output as it pertains to the cyber security of communication networks, and participate in the coordination of resources during incident response efforts.
- Coordinate resources during enterprise incident response efforts, driving incidents to timely and complete resolution.
- Perform analytic support focused on Cyberspace doctrine, policies, strategies, capabilities, and Cyberspace groups, individuals, organizations, tools, tactics, and procedures.
- Employ advanced forensic tools and techniques for attack reconstruction, including forensic analysis and volatile data collection and analysis.
- Conduct malware analysis of attacker tools providing indicators for enterprise defensive measures.
- Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
- Recommend sound remediation and recovery strategies, suggest defensive policy enhancements and information technology procedures.
- Interface with external entities including law enforcement organizations, intelligence community organizations and other government agencies as required.
- Deliver status reports, briefings, recommendations, and findings to management and executives as required.
Requirements
Minimum Bachelor’s degree from an accredited institution in Computer Science, Information Technology or a related discipline, or equivalent experience/combined education, with some relevant working experience and specialized training that is commensurate with the assignment. Prefer Information Security Certifications i.e. CISSP, GCFA, GCIH, CHFI, SEC+.
Experience required:
- 4+ years professional technical and leadership experience in the information security field utilizing a mix of security technology such as: Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis. SIEM, Network Behavior Analysis tools, Antivirus, and Network Packet Analyzers, Digital Forensics tools in an Enterprise environment, Cyber Incident Response activities in an Enterprise environment.
- Knowledge of the TCP and IP protocol suite, security architecture, DNS and remote access security techniques and products.
- Splunk and Arcsight experience would be a plus