*requirements*
- bs or ma in computer science, information security, cybersecurity or a related field
- 3+ years of experience as a junior security operations analyst
- 3+ years of experience in active defense, blue team, siem and incident response
- strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- an ability to effectively influence others to modify their opinions, plans or behaviors
- strong problem-solving and troubleshooting skills
- self-driven and proactive
*desired*
- certified information systems security professional (cissp), certified information systems auditor (cisa), certified information security manager (cism)
- experience with regulatory compliance and information security management frameworks (such as international organization for standardization (iso) 27000, cobit, national institute of standards and technology (nist) 800)
*tasks and responsibilities*
- conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems.
- interfaces with our mdr/edr teams to investigate threats and incidents, and works with other it members and business teams to get incidents contained and addressed
- conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
- deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
- correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity
- reviews alerts and data from security tools, and documents formal, technical incident reports
- works with threat intelligence and/or threat-hunting teams
- provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies
- works with security information and event management (siem) and vulnerability management tools to manage/tune the system, create/manage the detection content and actively watch for alerts
- correlates network, cloud and endpoint activity across environments to identify attacks and unauthorized use
- researches emerging threats and vulnerabilities to aid in the identification of incidents
- performs security standards testing against computers before implementation to ensure security
- deploys security tools and scripts as needed to improve security capabilities and assess the security posture of navis and kaleris environments
*salary*: $32,047.00 - $80,000.00 per month