Universal Business Solutions
Sr. Cyber Defense Analyst
Universal Business Solutions, Englewood, Colorado, US, 80151
Senior Cyber Defense Analyst
6 Month - Contract to Hire (W2)
Denver, CO (Onsite)
Job Duties and Responsibilities: The main focus of the Cybersecurity Specialist is to identify, analyze, contain, and eradicate threats on enterprise systems and infrastructure. The Cybersecurity Specialist will serve as a subject-matter expert (SME) providing direct support to the frontline Cybersecurity Analysts. The Cybersecurity Specialist will also continuously and collaboratively improve processes, procedures, and training for new technologies and defensive security techniques. The candidate must have a curious, investigative mind, a passion for information security, and the ability to communicate complex ideas to varied audiences.
Key Responsibilities:
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
Use cyber defense tools for continuous monitoring and analysis to identify anomalies and malicious activity
Support and mentor the frontline Cybersecurity Analyst staff
Document and escalate incidents (including event history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings)
Perform cyber defense trend analysis and reporting
Coordinate with enterprise-wide cyber defense staff to validate alerts and harden the enterprise with preventative controls
Provide daily summary reports of events and activity relevant to cyber defense practices
Develop and analyze dashboards and reports to identify potential threats
Develop monitoring and handling processes as new alert and event types are implemented
Prepare technical reports for executive audiences regarding incident response activities and lessons learned
Required Skills and Qualifications:
4+ years of experience in Security Operations
Experience with cybersecurity investigations
Experience with various security technologies (SIEM, SOAR, UEBA, EDR, IDS/IPS, etc.)
Preferred Skills:
Experience with digital forensic analysis
Experience with cyber threat intelligence
One or more of the following certifications are strongly desired: CompTIA Network+, CompTIA Security+, AWS Certified Security - Specialty, GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Detection Analyst (GCDA)
Skills to look for:
Has responded to alerts
Has experience running security investigations
Has an understanding of SIEM, SOAR, EDR, firewall/IDS/IPS, log aggregation tools, log analysis, digital forensics, cloud security, application security, alert development/tuning, threat detection (UEBA), threat hunting/intel, and DLP
Nice to have: scripting, Python