Sr Cyber Security Analyst

Company: Sourced.
Location: Alpharetta
Posted on: February 19, 2021

Job Description:

About The CompanyThis Cybersecurity company is seeking a highly-driven, customer focused Senior Cybersecurity Analyst with 24 X 7 incident response, monitoring experience using SIEM software to join their team. The company is in a period of high-growth (over 50% growth last year) and needs a team members who is smart, capable, and willing to do what it takes to keep up with the ever-growing demands of the organization.This company believes deeply in the greater mission for the company and its community. They embody a hard-working leadership mentality but also focus on creating a culture of fun and closeness to the team. They are seeking team members that hold their same values of integrity, work ethic, and teamwork.Sourced. is hiring on behalf of this company.
Essential Job Functions (include but are not limited to the following):

• Create new trouble tickets for alerts that signal an incident or threat.
• Eyes on glass monitoring of security incidents within established customer Service Level Agreements.
• Assist as required in remediation of critical information security incidents.
• Review trouble tickets generated by other team members.
• Determine and assist with remediation and recovery efforts.
• First responder to security event escalations via email, phone and ticket.
• Communicate in a positive manner with clients and escalate any issues and/or messages accordingly.
• Conduct weekly, bi-weekly, or monthly client meetings
• Manage and monitor assigned security platforms while following established procedures.
• Complete assigned projects on time and with excellent quality.
• Practice continual self-improvement thru education, training, and certification.
• Learn and quickly become proficient with a vast number of technologies, providing both support and troubleshooting services in a professional manner.
• Write documentation for tasks, procedures and knowledgebase articles needed to support the understanding and efficiency of SIEM services.
• Assist with determining client needs and obtain clarification as required to properly triage client requests to the appropriate resource.
• Analyze data and draw logical conclusions.
• Assist with implementing and configuring SIEM software and appliance-based products
• Assist with creation of alerts that trigger/activate on a configured setting to deploy or send email to a particulate destination email or groups.
• Other duties as assigned.
  Position Requirements
  The requirements listed below are representative of the knowledge skills and abilities required.Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  Required Experience:
  • 5 + years of hands on experience in the security monitoring and incident response working with SIEM capabilities
  • Experience with cloud service providers
  • Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
  • Experience working with internal and client ticketing and knowledge base systems for incident and problem tracking,
  • Hands on experience with EPP/EDR, NetFlow, vulnerability identification tools or digital forensics
  • Experience in creating automated log correlations in a SIEM to identify anomalous and potentially malicious behavior.
  • Thorough understanding of the latest security principles, techniques, and protocols.
  • Experience in banking and/or financial services firms a plus
    Working Knowledge Of:
    • Familiarity with compliance GLBA
    • Understanding of monitoring devices such as firewalls, network and host-based intrusion detection systems, web applications, AV, WAF, Proxy and operating system logs.
    • Knowledge of Active Directory Environments.
    • Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
    • Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
    • Knowledge of network protocols such as TCP/IP, DHCP, DNS, and directory services.
    • An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
      Skills and Technologies:
      • Knowledge of Linux and Windows Operating Systems
      • Basic understanding of at least one programming and scripting language.
      • Ability to interpret IOC's.
      • Develop and maintain content and reporting.
      • Prior experience working with the ELK stack including Elasticsearch.
      • Prior experience using Git/Github.
      • Basic Firewall rule and policy fundamentals
      • Good written and oral communications skills
      • Experience working with customers via the phone.
      • Extraordinary written and verbal communication skills
      • Must be able to efficiently use Microsoft Word and Excel
        Desired Education and Certifications:
        • Bachelor's Degree in Computer Science or equivalent work experience
        • Cybersecurity certifications (ex. CISSP, GCFA, GCIA, GCIH, CEH, etc.)
          Personality Type:
          • Technical minded with a passion for security
          • Ability to prioritize multiple tasks and manage time efficiently
          • Flexible and adaptable to changing work environment
          • Communicate in a positive manner with clients and escalate any issues and/or messages accordingly
          • Ability to structure unstructured problems and take command during an incident
          • Capable of working effectively independently and in a team environment
          • Must be self-motivated, goal and detail oriented
          • Eager to be a part of a larger mission
          • Embodies a leadership mentality
          • Comfortable learning on the job
          • Quick learner
          • Ability to remain calm under pressure
          • Natural curiosity to get to the root cause
          • Thrives in an entrepreneurial-type environment
          • Adaptable and Flexible
          • Operates with high integrity and accountability
          • Eagerness for continuous self-improvement through education, training and certification
            Remote work is available after an initial onsite training period.

Keywords: Sourced., Alpharetta , Sr Cyber Security Analyst, Professions , Alpharetta, Georgia