Security Analyst - Tier 3
Company: SeaHill Consulting Group
Location: West
Posted on: June 23, 2022
Job Description:
Selected candidates must be US Citizens, pass a CJIS background
check process, and complete basic safety and security training to
meet the customer requirements.
This position is based in AUSTIN, TX. Please only apply if you are
able to work on-site in Austin two or three days a week.
The preferred candidate will have the following experience:
- Demonstrated ability to perform and support in-depth
investigations and 'hunting' activities.
- Experience in using the Splunk Enterprise Security SIEM
technologies as an analyst is REQUIRED.
- Eight (8) years of Security Incident Response, Security
Operations Center, and/or threat analysis experience.
- Demonstrated experience using either enterprise/MSSP or cloud
security SIEM technologies as an analyst.
- Ability to support and work across multiple customer and
bespoke systems.
- Complete basic safety and security training to meet the
customer requirements.
- Ability to work a rotating shift and on-call schedule as
required.
- CompTIA Security+ certification or equivalent/higher.
- Splunk Power User Certification and CEH Certification
preferred.
Responsibilities:
- Characterize and analyze network traffic to identify anomalous
activity and potential threats to network resources.
- Document and escalate incidents that may cause ongoing or
immediate impact to the environment, including the event's
history, status, and potential impact, for further action.
- Perform cyber defense trend analysis and reporting.
- Perform event correlation using information gathered from a
variety of sources within the enterprise or MSSP environment to
gain situational awareness and determine the effectiveness of an
observed attack.
- Provide daily summary reports of network events and activity
relevant to cyber defense practices.
- Receive and analyze network alerts from various sources within
the environment and determine possible causes of such alerts.
- Provide timely detection, identification, and alerting of
possible attacks/intrusions, anomalous activities, and misuse
activities and distinguish these incidents and events from benign
activities.
- Use cyber defense tools for continual monitoring and analysis
of system activity to identify malicious activity.
- Analyze identified malicious activity to determine the weaknesses
exploited, the exploitation methods used, and the effects on
systems and information.
- Determine tactics, techniques, and procedures (TTPs) for
intrusion sets.
- Recommend computing environment vulnerability corrections.
- Conduct research, analysis, and correlation across a wide
variety of all-source data sets (indications and warnings).
- Create and document procedures and work instructions for use by
the SOC staff (Tier 2 through Tier 3).
- Train and mentor other analysts as needed.
- Validate events/alerts received from all monitored security
systems against network traffic using packet analysis tools.
- Assist in the construction of signatures which can be
implemented on cyber defense network tools in response to new or
observed threats within the network environment or enclave.
- Monitor external data sources (e.g., cyber defense vendor
sites, Computer Emergency Response Teams, Security Focus) to
stay current on the cyber defense threat condition and determine
which security issues may have an impact on the enterprise.
- Provide cybersecurity recommendations to leadership based on
significant threats and vulnerabilities.