Information Security Analyst [615164]

Matchpoint Solutions, Plano, TX 75024

Posted Yesterday

The key objectives for the Information Security Engineer position are to expand threat detection and prevention capabilities in existing and future security tools. The Engineer must be able to identify gaps in existing security configurations and provide effective recommendations to improve, remediate, and expand controls against cyber threats, including but not limited to performing forensic reviews to assist in discovering and mitigating threats and/or suspicious activities. The Engineer must possess the ability to work independently and to be an agile learner. This position should expect to liaise with numerous departments within the organization.
Responsibilities include:
  • Oversee, manage, and act as the subject matter expert for SIEM, Network IDS/IPS, and other security applications
  • Design, configure, install, and support security technologies as required to support threat mitigation efforts, including but not limited to AV, DDoS, DLP, CASB, SIEM, endpoint technologies, IDS, etc.
  • Analysis of security events and their resulting incident response execution within the TFS Security Operations program
  • Evaluate security application events, threat intelligence feeds, software vendor announcements, and various sources of security monitoring data to gauge risk impact to the company.
  • Conduct analysis, troubleshooting, and trending of incidents/events detected from SIEM, IDS/IPS, and other security applications
  • Perform Level 3 triage and handling of security events (escalated from Level 1 & 2 Security Analysts or other); includes but is not limited to identification, containment, remediation, and reporting activities
  • Assess and communicate threat intelligence to reduce risk exposure and to prepare for potential security breach attempts
  • Perform and schedule system/agent upgrades based on vendor support; apply patches, configurations, and hot-fixes as needed to remediate vulnerabilities or risks to the organization
  • Perform complex technical analysis of malware samples, unauthorized software, and unusual end user/endpoint/network/mobile activity using industry standard forensics software applications
  • Integrate new log sources in SIEM and document event log triage for SOC analysts
  • Create custom rules, policies, alerts, etc. within the listed security applications based on stakeholder needs or situational conditions; will also modify existing configurations as-needed
  • Create new and enhance existing procedures through documentation to improve operational efficiencies and reporting accuracy
  • Develop detailed technical recommendations to solve current and future security issues; identify protection gaps and propose effective mitigating solutions
  • Maintain technical design and architecture documents showing security systems, protocols, data flow, and related objects
  • Maintain awareness of emerging threats against financial and affiliate verticals to ensure data protection, system integrity, and network availability
  • Evaluate, design, implement, and configure new security products and technologies
  • Coach and train staff to confidently and correctly use SIEM & Network IDS/IPS
  • Develop, review, and maintain documentation for SIEM & Network IDS/IPS
  • Provide input to the department strategy on data protection, malware detection, network security, forensics, logging and monitoring, and related functional areas
Must Haves:
  • Experience with Linux & Windows OS
  • A broad knowledge of security technologies, processes, and investigative skills
  • Experience with creating and modifying Regular Expressions
  • Proficient using Microsoft Office Suite (specifically Word, Excel, & PowerPoint)
  • 1 year of SIEM operational experience is required; must have implemented and/or managed QRadar or a comparable SIEM tool; must possess strong technical knowledge of SIEM-related architecture, system rules, etc.
  • 1 year NIDS/NIPS (Symantec and/or McAfee preferred) operational experience, including deployment, event analysis, maintenance, and upgrades
  • Strong verbal and written communication skills; must be able to effectively communicate technical details and thoughts in non-technical/general terminology to various levels of management
  • Work well in team environments with internal and external resources as well as work independently on tasks
  • Excellent organizational, multi-tasking, and time management skills
  • Off-hour flexibility for supporting system upgrades and outages after hours
Preferred / Nice-to-haves:
  • A Bachelor's Degree in Computer Science or Engineering or equivalent experience
  • CISSP, CISA, CEH, OSCP, or other industry recognized security certification(s)
  • Scripting experience desired (bash, PowerShell, Python, etc.)
  • Experience with RESTful APIs and automation
  • Cloud security experience with AWS and/or Azure
Similar Jobs

Senior AWS Security Analyst

Posted 3 days ago

Description: This position is part of the Marketing, Advertising, and Content (MAC) data-sharing platform that resides within the Chief Data Office of AT&T advertising and analytics. The MAC cloud-based platform combines AT&T's unique consumer data and growing content data assets and enables data sharing across business units in support of marketing, advertising, and content intelligence related use cases.

Key Roles and Responsibilities:
  • Perform security analysis with eyes on AWS logs and security alerts and investigate indicators of compromise.
  • Analyze detected malware to extract additional information.
  • Monitor systems to identify and respond to anomalous activity such as worms, Trojans, viruses, and malware.
  • Participate in security incident response activities.
  • Participate in evaluation, investigation, and testing of new technologies with other teams to enhance AWS information security infrastructure.
  • Provide technical knowledge in the identification and reporting of emerging cyber threats and risk to the organization.
  • Administration of security tools in AWS, access reviews, ASPR audit duties, and inventory reporting.
  • Policy drafting and development and other related duties.

Qualifications
Education: Bachelor's degree in the field of Information Systems, Engineering, or Mathematics preferred. Industry security (e.g., CISSP), privacy (e.g., CIPP/US), or audit (e.g., CISA) certifications are a plus.
Experience: At least 3 to 5 years of relevant experience. Experience in AWS is required.
General Skills: Strong presence with extensive experience communicating with leadership and cross-functional teams. Ability to think outside the box and inspire cross-functional teams to enable innovative, data-powered solutions. Ability to manage multiple work initiatives and exercise good judgment as well as balance risks in ambiguous and complex situations.

Supervisory: No
Job ID 1843205
Date posted 09/21/2018
AT&T, Plano, TX