Georgia Farm Bureau
IT Cyber Security Analyst I
Georgia Farm Bureau, Macon, Georgia, US, 31297
REMOTE POSITION WITHIN GEORGIA
DESCRIPTION OF ESSENTIAL DUTIES:
Monitors incident-specific procedures to perform a basic triage of potential security incidents, determining their nature and priority and eliminating obvious false positives; processes health alerts; and processes requests for information
Develops procedures to perform light, time-boxed analyses of potential security incidents, attempting to gather required information and eliminate false positives
Based on escalation procedures, determines potential security incidents and escalates them; implements countermeasures in response to others; performs light tuning (e.g., whitelisting) and recommends additional tuning
Maintains awareness of the Insurance Technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by threat intelligence, and recent security incidents
Provides status and metric reporting and adheres to internal operational security and policies; documents all actions taken in the ticketing system
Performs security project work as assigned
OTHER RESPONSIBILITIES/REQUIREMENTS
Continually improve the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, network models), and by identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins, and other "glue"
Perform peer reviews and consultations with other Cyber Security Analysts regarding potential security incidents
Serve as a Subject Matter Expert in at least one security-related area (e.g., a specific malware solution, Python programming)
Seek self-improvement and enhanced value by documenting a self-education roadmap and pursuing advancement to Cyber Security Analyst II
QUALIFICATION, EDUCATION AND EXPERIENCE REQUIREMENTS:
Bachelor of Science in Computer Science or Information Management combined with five (5) years of security or technology support experience required; a Master's degree may substitute for some work experience
Certifications include Security+, Certified Intrusion Analyst (GIAC), and Certified Ethical Hacker (CEH)
Experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP)
Understanding of possible attack activities such as network probing/scanning, phishing, DDoS, malicious code activity, etc.
Understanding of basic networking protocols such as IP, DNS, and HTTP
Basic knowledge of system security architecture and security solutions
Must be a self-starter who can consistently produce quality deliverables in a remote work environment
Preferred:
Excellent interpersonal, organizational, oral, and writing skills
Strong analytical and problem-solving skills
Self-motivated to improve knowledge and skills
A strong desire to understand "the what" as well as "the why" and "the how" of security incidents
Previous experience in server administration or application development
Fundamental understanding of computer forensics
SUPERVISORY RESPONSIBILITIES:
None
PHYSICAL DEMANDS/WORK ENVIRONMENT:
Experience in a fast-paced support environment as a member of a 24x7x365 network and/or security operations team
Must be able to concentrate for long periods of time
Must be able to lift and carry 25 pounds on an occasional basis
EOE M/F/D/V AA
#LI-Remote