
Cyber Security Analyst (Incident Detection)

Dechen Consulting Group

Location: Plano, TX 75023
Type: Temporary (unspecified), Temporary (short-term), Non-Remote
Posted on: May 28, 2021
cyber security, incident detection, incident response handling
Contract W2, 6 Months
Depends on Experience
Job description
Greetings! We are an established boutique staffing firm with an exciting opportunity for an experienced Cyber Security Analyst (Incident Detection) with a reputable client in Plano, Texas (remote until COVID restrictions lift) - W2, 6 month+ contract (must live in the US; H1B transfer and TN OK; no CPT, OPT, visa sponsorship, or C2C please). We offer medical benefits and paid time off. If you live in the US, can work on W2, and meet the minimum qualifications, please apply for immediate consideration. Thank you!
Please only apply if you meet the following Minimum Qualifications:
• Must be flexible and available for the various shifts (our day shift is 6am to 6pm and the night shift is 6pm to 6am, as we run a 24/7 SOC operation, including weekends; the schedule is 2 days off, then 2-3 days on, and day and night shifts rotate every few months).
• Must have 8+ years cyber security work experience
• Must have 3+ years incident response handling
• Must have 2+ years of experience using event escalation and reporting procedures, managing security alerts within enterprise SIEM systems, and performing network monitoring in a Cyber Security Operations environment.
Job Title
Cyber Security Analyst (Incident Detection)
Job Description
The Cyber Security Analyst (Incident Detection) role helps security operations by responding to escalated alerts and monitoring alerts. This position conducts in-depth analysis of security events with the specific ability to identify Indicators of Compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential damage to our cyber ecosystem.
KEY RESPONSIBILITIES
• Conducts Event Detection, Incident Triage, Incident Handling, and Hunting activities by leveraging our detection/response platforms
• Continuously monitors levels of service and interprets and prioritizes threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
• Provides a 24x7 incident detection and monitoring service, and produces performance reports on a regular basis
• Escalates cyber security events according to playbook and standard operation procedures (SOPs).
• Remediate non-compliance with technical and security requirements.
• Escalates high or critical severity level incidents to Incident Investigators.
• Assists with containment of threats and remediation of environment during or after an incident
• Performs triage of service requests from customers and internal teams
• Develops and implements remediation plans in response to incidents
• Updates procedures and configures tools for Monitoring Analysts' consumption
• Consumes threat intelligence and disseminates findings to relevant parties
• Conducts hunting activities based on internal and external threat intelligence
• Integrates additional supported log sources/devices and develops new use cases as required
MINIMUM QUALIFICATION
• Must be flexible and available for the various shifts (our day shift is 6am to 6pm and the night shift is 6pm to 6am, as we run a 24/7 SOC operation, including weekends; the schedule is 2 days off, then 2-3 days on, and day and night shifts rotate every few months)
• 8+ years cyber security experience required
• 3+ years of experience in incident response handling
• BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
• 2+ years of experience using event escalation and reporting procedures, managing security alerts within enterprise SIEM systems, and performing network monitoring in a Cyber Security Operations environment
• Working knowledge of security technologies such as Active Directory, anti-malware tools, forensics tools, firewalls, identity access management, IDS / IPS, multi-factor authentication, network devices, SIEM, threat intelligence, vulnerability scanners, monitoring tools, and web filters on premise and in cloud environments required
• Demonstrated analytical, problem-solving, and critical thinking skills required
• Ability to work with little supervision and consistently deliver results required
• Familiarity with network technologies and protocols (switches, routers, firewalls, VPNs, remote connection technologies, and multiple domain environments) strongly preferred
PREFERRED QUALIFICATIONS
• Experience with Splunk and other SIEM platforms, Enterprise Intrusion Prevention Systems, Endpoint Detection tools, and other security products
• Experience conducting incident handling and response efforts in large enterprise environments
• Experience supporting incident investigations
• Experience working in a 24/7 SOC environment
• Security certifications (e.g., Security+, Network+, CEH, SANS, etc.)
Skills
SPLUNK, INCIDENT HANDLING, SIEM, INCIDENT RESPONSE, SOC, MALWARE DETECTION