Cyber Security Analyst Job at TEKsystems in Hartford
TEKsystems, Hartford, CT, US
Job Description
3210666
** U.S. Citizens **
Top Three Skills:
1. 3+ years of experience working with SIEM tools (Splunk preferred, but not a must-have)
2. Experience working with endpoint protection tools (Tanium a plus, but not a must-have)
3. Knowledge of troubleshooting infrastructure, gained as either a systems or network administrator
Responsibilities:
The Cyber Security Analyst utilizes internal processes and tools to detect and respond to various threats.
Principal Responsibilities:
• Analyze and investigate ticketed events using various logs, including those from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices, in an enterprise security information and event management (SIEM) platform.
• Recommend and initiate appropriate response activities using established incident handling and response procedures based on risk categorization.
• Collaborate and interact with peers and stakeholders across the Corporate and Business Unit cyber security and information technology organizations.
• Rotational, after-hours operational support (on-call)
• Perform other duties as assigned
Experience/Qualifications:
• Minimum 3 years working in Security Operations or Incident Response required.
• Excellent and demonstrated written and verbal communication skills; must be able to communicate technical details clearly and concisely with peers and all levels of management
• Capability to think and operate independently and in a team environment with minimal supervision
• Proactive and results driven mindset
• Strong process orientation and ability to develop and follow standard work; attention to detail
• Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment
• Proven ability to troubleshoot and solve technical issues
Candidate must have technical experience in the following areas:
• Splunk or other SIEM.
• Network analysis using tcpdump, Wireshark or other packet capture/inspection tools
• Searching, interpreting and working with data from enterprise logging systems, including syslog, NetFlow and SIEM platforms
• Scripting languages such as Python and PowerShell
• Malware sandboxes
• Windows, macOS, and Linux operating systems
• Endpoint protection suites such as Symantec, McAfee, Carbon Black or Tanium
• Systems or network architecture
• Collection and management of threat intelligence
• Host based forensics using EnCase, FTK or other digital forensics tools
Education:
Bachelor's or Master's degree in Computer Science/Engineering, Information Systems or a related field, with a minimum of 5 years' experience.