Saxon Global
Cyber Security Analyst
Saxon Global, Malvern, Pennsylvania, United States, 19355
This is a 12 month contract with Vanguard. 100% remote. All visa - No H1B. Only EST candidate. Someone local to PA is the best. Linkedin is must.
Required Skills - SIEM, cyber Security backback
Job Profile Summary
Perform network and endpoint threat hunting and creating and maintaining SIEM correlation rules, reports and dashboards.Provide orchestration and automation for SOC processes and creating and maintaining SOC standard operations procedures.Duties and Responsibilities
Partners with IT and business units to create, document and monitor Managed Services statements of work.Ensures detection and mitigation controls are implemented.Responds to violations following incident management processes and reports out to management.Implements security monitoring and documents standard operations procedures for the Incident Management Team.Implements security monitoring rules, reports and dashboard while maintaining best practices to ensure maximum security tool efficiency.Monitors security systems, analyzes events and investigates security-related incidents.Creates Threat Hunting models for Endpoints and Network Traffic.Analyzes endpoint including logging, EDR, IPS and DLP tools.Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools.Focuses on critical systems within organization's network to detect, respond and handle incidents related to unauthorized activity, malware, and APTsKeeps management within the department informed by communicating progress, issues, concerns and opportunities.Assesses and immediately notifies manager of any potential information security breech and security issues that may have a negative impact on business operations.Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise.Maintains an awareness of the department's dashboard and provides suggestions to improve performance.Identifies Tactical Intelligence relevant to organizations systems.Works with Incident Management and Threat management to follow incident response procedures to ensure proper detection, mitigation controls.Escalates internal threat issues to the Insider Threat Team.Participates in special projects and performs other duties as assigned.Skill and Experience
Demonstrated initiative and ability to work independently with attention to detail.Experience analyzing endpoint logging, detection, response and forensic tools.Experience creating rules, reports and dashboards in SIEM tools.Knowledge of security administration concepts, theories and practices.Familiarity with enterprise-wide security administration tools.Undergraduate degree in information technology-related field or equivalent combination of training and experience.
Required Skills - SIEM, cyber Security backback
Job Profile Summary
Perform network and endpoint threat hunting and creating and maintaining SIEM correlation rules, reports and dashboards.Provide orchestration and automation for SOC processes and creating and maintaining SOC standard operations procedures.Duties and Responsibilities
Partners with IT and business units to create, document and monitor Managed Services statements of work.Ensures detection and mitigation controls are implemented.Responds to violations following incident management processes and reports out to management.Implements security monitoring and documents standard operations procedures for the Incident Management Team.Implements security monitoring rules, reports and dashboard while maintaining best practices to ensure maximum security tool efficiency.Monitors security systems, analyzes events and investigates security-related incidents.Creates Threat Hunting models for Endpoints and Network Traffic.Analyzes endpoint including logging, EDR, IPS and DLP tools.Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools.Focuses on critical systems within organization's network to detect, respond and handle incidents related to unauthorized activity, malware, and APTsKeeps management within the department informed by communicating progress, issues, concerns and opportunities.Assesses and immediately notifies manager of any potential information security breech and security issues that may have a negative impact on business operations.Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise.Maintains an awareness of the department's dashboard and provides suggestions to improve performance.Identifies Tactical Intelligence relevant to organizations systems.Works with Incident Management and Threat management to follow incident response procedures to ensure proper detection, mitigation controls.Escalates internal threat issues to the Insider Threat Team.Participates in special projects and performs other duties as assigned.Skill and Experience
Demonstrated initiative and ability to work independently with attention to detail.Experience analyzing endpoint logging, detection, response and forensic tools.Experience creating rules, reports and dashboards in SIEM tools.Knowledge of security administration concepts, theories and practices.Familiarity with enterprise-wide security administration tools.Undergraduate degree in information technology-related field or equivalent combination of training and experience.