Information Security Analyst (L2)

Company: Cira Infotech
Location: Alpharetta
Posted on: November 18, 2021

Job Description:

Senior Information Security Analyst (L2)
Alpharetta, GA

JOB SUMMARY

MGT Consulting Group is a national leader in public sector management consulting and services that delivers diverse business consulting services to a wide range of public sector groups. Celebrating its 45th year in 2019, the firm attracts exceptional talent and empowers them to exceed client expectations as they navigate the dynamic demands of public agency performance.

As part of our Technology Solutions Group (Cira Infotech), you will assist in leading a team responsible for responding to incidents, triaging information security events and incidents, and performing forensics. In this role, you will collaborate alongside a team of skilled analysts to address complex problems within a 24x7 Security Operations Center (SOC).

If you are looking for a job that challenges you and gives you the opportunity to make an impact, where ideas are encouraged, and an entrepreneurial spirit is essential, then MGT Consulting may be the place for you.

MAJOR DUTIES

  • Perform incident response analysis uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods.
  • Participate in the remediation of incidents and responses that are generated from live threats against the enterprise.
  • Recording and reporting all incidents per Federal policy, department policy and legislation.
  • Creating and tracking network incidents and investigations through completion
  • Serve as a point person for Incident Management, providing coordination and assignment of activity for all entities party to an incident response event
  • Monitor security events received through alerts from SIEM or other security tools
  • Revise alerts escalated by end users
  • Carry out Level 2 triage of incoming Incidents (initial IR assessment of the priority of the event, initial determination of incident nature to determine risk and damage or appropriate routing of security or privacy data request)
  • Maintain assigned ticket queue
  • As needed, serve as the incident response event point person and liaison to enterprise teams, responding to crisis or urgent situations aimed at mitigating, preparing for, responding to, and recovering systems. Will also coordinate resources, activities and timelines during security incidents to ensure a unified, structured response to incidents (i.e. data breaches, ransomware events, etc.)
  • Review and recommend technical, process, and physical controls to counteract damage from breach events
  • Supports/develops reports during and after incidents, which include all actions taken to properly mitigate, recover and return to normal operations
  • Support forensic investigators and application security analysts in reactive and proactive Threat Hunting engagements, performing endpoint, network, and log analysis
  • Work on rotation-based shifts (including weekends, up to 40 hours a week)
  • Work On-Call Support.

QUALIFICATIONS

  • 4+ years of relevant work experience
  • Bachelor's degree or 2 additional years of experience
  • Active security industry certifications like CSA, CompTIA Security+
  • Demonstrated proficiency in the Incident Response Process as well as the performance of threat hunting and SOC operations.
  • IDS monitoring and analysis, analyzing network traffic, log analysis, prioritizing and differentiating between potential intrusion attempts and false alarms
  • Good understanding of system log information and what it means, and where to collect specific data/attributes as necessitated per incident event (host, network, cloud, etc.)
  • Strong understanding of enterprise networking (host-based firewalls, anti-malware, HIDS, IDS/IPS, proxy, WAF), Windows and Unix/Linux systems' operations, TCP/IP protocols; experience providing analysis and trending of security log data
  • Experience creating and tracking investigations to resolution
  • Experience with vulnerability scanning tools such as Tenable Nessus, Tenable.IO, Tenable.SC, Qualys Guard, etc.
  • Experience with endpoint security solutions, antivirus solutions, EDR tools
  • Advisory experience in compliance or regulatory frameworks (i.e. FISMA, PCI, GDPR, NIST, ISO)
  • Solid understanding of application, database, authentication, and network security principles; able to demonstrate how network services and protocols interact to provide communications, evidence recovery techniques, log data analytics, incident categories, IR event handling methodologies, intrusion detection systems, network protocol and packet analysis
  • Understanding of system and application security, systems and network administration and operating system hardening techniques
  • General cyber-attack stages, profiling techniques and techniques for detecting host- and network-based intrusions
  • Knowledge of evidence recovery techniques, preservation of evidence integrity, and forensically sound collection of images, logs, and other critical components in order to discern possible mitigation/remediation of systems
  • Ability to perform or direct malware analysis, threat hunting, incident response
  • Understanding of Computer Network Defense (CND) policies, procedures, and regulations
  • Ability to convey complex technical security concepts to technical and non-technical audiences during crisis situations, i.e. executive or board level presentations
  • Ability to work with or support senior business leaders to understand business objectives/functions, identify risk factors, and communicate effective mitigation strategies
  • Excellent organizational, verbal, presentation/facilitation, and written communication skills
  • All candidates must have US work authorization with the ability to pass Federal background and credit checks.
  • Experience composing security alert notifications
  • Ability to concisely communicate events of a technical nature to incident responders to assist in the investigation and resolution of computer security incidents
  • Very strong spoken and written communication and organizational skills
  • Need to be able to solve a problem with minimal supervision

PREFERRED QUALIFICATIONS

  • Experience working in an MSP/MSSP is a plus
  • Active security industry certifications (CISSP, etc.)
  • Certifications like CEH, CHFI, CTIA, SOC Analyst or any SANS certs highly preferred.

MGT is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
