A Security Analyst participates in monitoring, hunting, and responding to cyber security events. He or She, provides a front-line role during cyber security incidents, identifying the extent of the threat, business impacts, and advising or sometimes performing the most suitable course of action to contain, eradicate and remediate an incident. A Security Analyst maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Security Analyst is proactive and seeks out adversaries determined to negatively impact our client's reputation, financial interest or threaten the safety of our employees and customers.
Candidates are expected to discuss and demonstrate they meet the required qualifications for applicable roles.
• Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
• Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
• Remain abreast of emerging threat patterns and provide recommendations to detect threats
• Assists with patching recommendations and workarounds for zero-day threats.
• Coordinate mitigation or remediations task with stakeholders or supporting teams
• Communicates with management on incident updates.
• Monitors SIEM and analyzes security events to determine appropriate actions
• Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
• Identify and tune false positives associated with current security events
• Document analytical steps and findings associated with security event investigations
Qualifications Required for Cyber Security Analyst
• 2 years IT security experience
• Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
- Minimum 2 years of experience and/or familiarity in the following areas: o Network/Endpoint: analysis tools
- Scripting languages
- Windows/Unix command-line utilities
- Reputation analysis associated with IP's, Domains, Email Addresses
- Ticketing Systems
- Required to submit to a background examination.
- Experience operating within a security application such as Kali, Metasploit, etc.