Security Analyst - Tier 3

Company: SeaHill Consulting Group
Location: West
Posted on: June 23, 2022

Job Description:

Selected candidates must be US Citizens, pass a CJIS background check process, and complete basic safety and security training to meet the customer requirements.
This position is based in AUSTIN, TX. Please only apply if you are able to work on-site in Austin two or three days a week.

The preferred candidate will have the following experience:

• Demonstrated ability to perform and support in-depth investigations and 'hunting' activities.
• Experience in using the Splunk Enterprise Security SIEM technologies as an analyst is REQUIRED.
• Eight (8) years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
• Demonstrated experience using either an Enterprise/MSSP and or cloud Security SIEM technologies as an analyst.
• Ability to support and work across multiple customer and bespoke systems.
• Complete basic safety and security training to meet the customer requirements.
• Ability to work a rotating shift and on-call schedule as required.
• CompTIA Security+ certification or equivalent/higher
• Splunk Power User Certification, CEH Certification preferred
  Responsibilities
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defense trend analysis and reporting.
  • Perform event correlation using information gathered from a variety of sources within the enterprise or MSSP environment to gain situational awareness and determine the effectiveness of an observed attack.
  • Provide daily summary reports of network events and activity relevant to cyber defense practices.
  • Receive and analyze network alerts from various sources within the environment and determine possible causes of such alerts.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
  • Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
  • Recommend computing environment vulnerability corrections.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
  • Create and document procedures and work instructions for use by the SOC staff (Tier 2 through Tier 3).
  • Train and mentor other analysts as needed.
  • Validate events/alerts received from all monitored security systems against network traffic using packet analysis tools.
  • Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
  • Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.

Keywords: SeaHill Consulting Group, Waco , Security Analyst - Tier 3, Professions , West, Texas