Description:
The Cyber Security Analyst is a member of an enterprise-level team of security and compliance experts. This person is responsible for protection of the corporate infrastructure from infiltration or exfiltration as a part of the Security Operations Center (SOC). This individual is also expected to participate in many facets of corporate security and thus must have a well-rounded, hands-on background.
Responsibilities include:
- Perform daily checks of all services to ensure functionality
- Interface with our internal customers to assist with their service requests
- This position may work in shifts to support a 24/7 security operations center
- This employee shall maintain or assist in the maintenance of the confidentiality, integrity, and availability of all data in physical and/or electronic format
Required Experience:
- Palo Alto Networks firewall administration
- Candidate must be able to troubleshoot service issues in support of Enterprise initiatives and have a strong understanding of networking concepts
- Experience with Panorama is a plus
- Websense proxy administration to include O&M of Triton and appliances
- Candidate must have experience with configuration and troubleshooting of DLP, exceptions, incidents, SSL decryption, and content filtering
- Anti-virus, whole disk encryption, HIPS, and VSE
- The candidate will be expected to keep devices up to date with latest signatures, troubleshoot issues, and report end point compliance
- Splunk administration to include data ingestion, custom alerts, agent configuration and deployment, management of indexers and heavy forwarders, development of complex queries and dashboards, and troubleshooting of Splunk service issues
- This role will require Linux experience
- Incident response, including incident identification, investigation, response, recovery, and data connectivity
Qualifications:
- Bachelor’s degree in one of the STEM areas (science, technology, engineering, math)
- 2+ years of experience in a role with a security focus
- Ability to automate tasks to minimize manual work
- Ability to read and understand IP network designs and security fundamentals, including firewall ACLs, router configurations, and system alerts
- The candidate should have an understanding of security policies and security best practices driven by federal regulations
- Must be able to work with geographically dispersed peers and internal customers
- Experience with IT ticketing systems and IT customer support
Preferred Skills:
- Cross-platform experience with Windows, Linux, Mac OS, and UNIX platforms
- Experience working in a security operations center or network operations center which operates 24/7/365
- Industry recognized professional certification (e.g., Cisco, Microsoft, SANS, CEH, Security+, CASP, CISSP Associate)
- Knowledge of security control initiatives such as ISO, SSAE 16, PCI, ITIL, and COBIT a plus
- Experience with SIEM, vulnerability scanners, IDS/IPS, forensics tools
- Experience with IDS/IPS and Snort rule creation
- VPN administration experience