Hatch IT
Senior Cyber Security Threat Analyst
Hatch IT, Reston, Virginia, United States, 22090
About the role:
Neovera is seeking a seasoned Senior Cyber Security Threat Analyst to perform threat intelligence client services, research, security automation, and mentoring of SOC Analysts in our MSSP business. The senior level threat analyst will report directly to the Senior Vice President of Cyber Security Services.
The senior threat analyst will triage and analyze security alerts and events from Neovera’s MSSP platform alongside other SOC Analysts and engineers. You will be responsible for investigating, validating and resolving customer security alerts. The role requires strong analytical skills, good written and verbal communication skills, and deep technical skills. In addition, we are looking for the senior level threat analyst to automate our SecOps processes and procedures. Examples of ongoing automation tasks you will perform are listed below.
Writing security alert rules for our SIEM and logging tools
Building integrations between our SIEM tools, third-party security tools and service management tools to streamline the incident-to-resolution and remediation processes
Build Sentinel Workbooks, Playbooks & Logic Apps
The senior threat analyst will also perform Neovera global threat research and coordinate with other threat exchange labs around the globe to continue building threat intelligence and correlation directives into our Cyber Security solution.
About the Company:
At Neovera we use a combination of commercial and open-source tools to solve our clients’ problems. Are you looking to work with other highly technical engineers, analysts, and architects without the red tape, and to be technically challenged? Then you have found the right place at Neovera.
Benefits:
The overall well-being of our employees and their families is important to us, and Neovera provides many valuable benefits, programs and tools to help you manage the various phases, developments, and priorities in your life, including:
Medical and dental insurance coverage
FSA- health and dependent care expenses
Telecommuting and work-life balance
Life insurance
Short and long-term disability insurance
Generous paid time off (vacation, sick, floating holidays)
401(k) retirement plan
Competitive base salary
Essential Duties and Responsibilities:
Lead and manage the cyber security threat analysts
Provide first- and second-level technical resolution for security alerts and SOC service requests in coordination with SOC Analysts
Engage with clients around our SOC services and Cyber Security Monitoring solution
Continuously look to streamline and reduce costs via improving processes and security automation
Mentor SOC Analyst team members
Perform continuous global threat research to add intelligence and correlation directives to our Cyber Security SIEM solution
Work with our Cyber Security partners on integrating their feeds/logs into our systems, especially our partner threat intelligence exchange
Log and record all alerts with integrated ticketing
Identify weaknesses in customer infrastructures and suggest improvements
Apply technical and analytical skills to handle security incidents and threats
Resolve or escalate incidents
Provide timely and reliable service to customers
Stay informed about the latest vulnerabilities, exploits and other threat information
Operate the security monitoring and ticketing systems platform
Integrate customer environments
Train customers on using and operating the client portal portions of the security monitoring and ticketing platform
Document solutions, processes, and procedures and present them in writing, by phone, or in person
Qualifications:
10-15 years of information security experience
5+ years of experience doing IT Security automation with scripting and/or programming languages
24x7 SOC experience working with or for an MSSP is highly desirable
Security experience with Microsoft Azure environments and security tools such as Microsoft Sentinel, Security Center, Defender
Experience with Microsoft Azure automation tools such as Sentinel Playbooks and Logic Apps
Experience with Microsoft Kusto Query Language (KQL)
Experience using AT&T USM Central & USM Anywhere (formerly AlienVault)
Programming / shell scripting experience highly desirable (PowerShell, Python, Java, shell scripts, etc.)
Experience as a Linux and/or Windows System Administrator a plus
Experience as a Network Administrator a plus
Knowledge of configuring and implementing technical security solutions (Firewalls, NIDS, HIDS, OSSEC, SIEM, Antivirus, Antispam, etc.)
Curiosity and strong desire to constantly learn
Bachelor’s degree in Computer Science, Cyber Security, or equivalent demonstrated experience and knowledge.
Solid understanding of application, operating system, and networking security
Willingness to work on-call and in a 24x7x365 environment
Knowledge of TCP/IP and application-layer protocols such as SMTP, HTTP, POP3 and IMAP
Comfort working with command line interfaces
Linux user and administrator experience a plus
Keen ability to troubleshoot technical and security problems