Universal Business Solutions
Sr. Cyber Defense Analyst
Universal Business Solutions, Englewood, Colorado, us, 80151
Senior Cyber Defense Analyst
6 Month - Contract to Hire (W2)
Denver, CO (Onsite)
Job Duties and Responsibilities:
The main focus of the Cybersecurity Specialist is to identify, analyze, contain and eradicate threats on enterprise systems and infrastructure. The Cybersecurity Specialist will serve as subject-matter expert (SME) providing direct support to the frontline Cybersecurity Analysts. The Cybersecurity Specialist will also continuously and collaboratively improve processes, procedures, and training for new technologies and defensive security techniques. The candidate must have a curious investigative mind, a passion for information security, and the ability to communicate complex ideas to varied audiences.
Key Responsibilities:
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
Use cyber defense tools for continuous monitoring and analysis to identify anomalies and malicious activity
Support and mentor the frontline Cybersecurity Analyst staff
Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and information
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings)
Perform cyber defense trend analysis and reporting
Coordinate with enterprise-wide cyber defense staff to validate alerts and harden the enterprise with preventative controls
Provide daily summary reports of events and activity relevant to cyber defense practices
Develop and analyze dashboards and reports to identify potential threats
Develop monitoring and handling processes as new alert and event types are implemented
Prepare technical reports for executive audiences with regard to incident response activities and learnings
Required Skills and Qualifications:
4+ years of experience in Security Operations
Experience with cybersecurity investigations
Experience with various security technologies (SIEM, SOAR, UEBA, EDR, IDS/IPS, etc.)
Preferred Skills:
Experience with digital forensic analysis
Experience with cyber threat intelligence
One or more of the following certifications are strongly desired:
CompTIA Network+
CompTIA Security+
AWS Certified Security - Specialty
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Detection Analyst (GCDA)
Skills to look for:
Have responded to alerts
Have experience running security investigations
Have an understanding of SIEM, SOAR, EDR, firewall/IDS/IPS, log aggregation tools, log analysis, digital forensics, cloud security, application security, alert development/tuning, threat detection (UEBA), threat hunting/intel, and DLP
Nice to have: scripting, Python