RADIANT
Cyber Security Analyst
RADIANT, Ashburn, Virginia, United States, 22011
About Us: Radiant Digital delivers technology consulting and business solutions for commercial and government clients.
Our flexible delivery model allows us to provide end-to-end solution delivery, single project execution, and/or strategic resources.
CMMI Maturity Level III and ISO 9001:2015 certified.
Responsibilities:

MUST HAVE SKILLS:
* Ability to obtain GSA Public Trust clearance
* At least three years of experience in security-related fields, including prior SOC experience
* Ability to communicate clearly and concisely in written and oral English
* Experience using a supported Security Incident and Event Management (SIEM) platform for analytics
* Knowledgeable with scripting, parsing, and query development in enterprise SIEM solutions
* Experience tuning use cases and content, driven by day-to-day optimizations, with an understanding of best practices to ensure adjustments do not cause false negatives
* Experience documenting processes and procedures, as well as training team members on them
* Exceptional problem-solving skills
* Ability to drive process improvements and identify gaps
* Proactive in engaging with customers and Verizon management teams
* Thorough understanding of the threat landscape and indicators of compromise
* Experience with incident response techniques related to network forensic analysis
* Experience investigating security incidents with SIEMs, use case development/tuning, and an understanding of incident response
* Experience with IPS, including analyzing alerts generated by inspection with consideration of how signatures are written and how to identify false positives
* Experience implementing changes on next-generation firewalls, including firewall policy and content inspection configuration (FortiManager, FortiGate, Cisco, Palo Alto, Check Point, etc.)
* Skilled with the Linux command line
* Experience with health and availability monitoring; understanding of device logging and ingestion, network troubleshooting, and device troubleshooting

DESIRED SKILLS:
* Scripting knowledge (e.g. Python, PowerShell, Bash shell, Java, etc.)
* Incident response experience utilizing different SIEMs and industry best practices
* Experience with customer service and supporting service desk functions such as IAM management
Requirements:

JOB DUTIES: Security Analysts comprise the primary labor force within the Security Operations Center.
Tier-2 Security Analysts come from an enterprise background with at least three years' experience working in a security-related field, enabling them to undertake a wide variety of tasks across a number of different platforms. Analysts will handle day-to-day tasks, as well as short-notice ad-hoc work, and see the tasks through to completion with minimal supervision. Security Analysts provide critical value to the Security Incident and Event Management (SIEM) workflow, leveraging their extensive knowledge to provide context to events; recommendations for remediation actions; and suggestions for implementing best practices and improving standard processes and procedures. Duties of the Tier-2 Senior Security Analyst include:
- Provide "eyes on glass" near real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise, utilizing a proprietary SIEM and cybersecurity tools;
- Perform near real-time security monitoring of alerts and escalate critical alerts in compliance with the service level agreement;
- Detect security incidents and analyze threats for complex and/or escalated security events;
- Respond to customer Requests For Information, including using Linux command line skills to query raw logs for IOCs, answering questions about the MSS infrastructure and features of the SIEM (including the correlation engine), and recommending best practices;
- Develop internal and/or external documentation, such as detailed procedures, playbooks, and runbooks; review and assess reports concerning operational metrics;
- Perform level 2 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert with respect to the customer environment, correlating additional details) and coordinate with Tier III for critical-priority incidents, if necessary;
- Perform incident response activities utilizing customer SIEM and cybersecurity toolkits;
- Assist with quality control during onboarding of new customers to verify the validity of Use Cases and generated alerts;
- Utilize the SOC Knowledge Base and provide input on revisions as needed.

EDUCATION/CERTIFICATIONS:
- Required: Bachelor's or higher degree in Computer Science, Information Security, or a similar discipline
- Required: industry certification(s) such as CISSP, SANS GIAC or GCIH, CompTIA Security+, CCNP Security, Palo Alto CNSE, Fortinet NSE, CySA+, GCED, CEH, or a comparable security-related certification
LOGISTICS:
* Shift work required, including nights and weekends. Team members work 5x8-hour shifts per week. The position would start off as Monday through Friday, 7:00am - 3:30pm, while the new hire is onboarded and trained.
* Position is Hybrid. Tues - Sat schedule once onboarded, with the requirement to be in the Cary or Ashburn office 4 days a month, typically on Tues and Wed.

Business Unit: VZB Network Svcs, Inc.
Site: Ashburn-VA-USA
Job Posting Service Type: Temp