Security Analyst

Shulman Fleming & Partners, New York, NY 10001

Posted 5 days ago

Security Analyst

They must combine hands-on experience with an understanding of theory and practice. The candidate's responsibilities include the operational aspects of monitoring and remediating security events, including working with vendors and other IT departments to address the event and escalating to senior members of the team as necessary.

Major Responsibilities:

Operational

  • Perform day-to-day administration and support of security infrastructure tools and systems, including but not limited to SIEM, IDS/IPS, Anti-Virus, Anti-Malware, DLP, and other network or system monitoring tools
  • Review security logs of critical systems to identify risks, security threats, or configuration errors
  • Review daily, weekly, and monthly security reports for any anomalies or issues
  • Provide first level support on security issues and guidelines from end-users, developers, desktop-support specialists, and system administrators
  • Troubleshoot security issues and assist with security incident responses and forensic investigations
  • Maintain documentation on security architecture, procedures, and configurations

Work

  • Implement solutions to improve security posture
  • Work with colleagues and vendors to assess different technologies and determine their impact on the environment
  • Provide technical support to design, develop, engineer and implement security requirements for new and existing hardware, networks, and applications
  • Prepare formal and informal reports with security requirements on security incidents, system vulnerabilities, and ongoing compliance functions
  • Perform web application and web services security assessments, including reporting of vulnerabilities and working with development teams to correct or mitigate found vulnerabilities

Required Qualifications:

  • Strong communication skills. Ability to clearly articulate ideas, solutions, etc.
  • Strong educational background with BS / MS in Computer Science, Engineering, or related area
  • Knowledge of internet, web, application, and network security techniques
  • Knowledge of Linux, Windows, and Virtualization security
  • Understanding of security logging, audit logging, and event logging
  • Understanding of TCP/IP, Routing, Switching, Firewalls, and other Network functionality
  • Good analytical and problem-solving skills to troubleshoot and resolve security issues
  • Ability to perform and interpret vulnerability assessments
  • Ability to administer the operations of a security infrastructure
  • 3+ years of experience in a similar position
Similar Jobs

Security Analyst

Rose International

Posted 5 days ago

Listed 11/13/2018 10:18:34 PM (2019-02-11T22:18)

Job title: Senior Security Operations Center (SOC) Technical L3 Analyst / Threat Intelligence/Detection L3 Analyst
Location: Manhattan, NY - onsite
Duration: Full time

Role Summary:

The Senior Security Operations Center (SOC) Analyst position performs in a Senior Level Threat Hunter/Researcher role from an automation perspective. The Analyst will use advanced network and host-based tools that proactively search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions. This role could roll into a technical lead for elevated threat management and security solutions identified by or reported to the SOC. Will be responsible for developing and assisting in the development and advancement of automation and integration technologies. Candidate should be capable of clear communication to varying audiences across the organization, in addition to seeking and building consensus where needed to achieve a strengthened security posture.

As a SOC Analyst, a typical day might include the following:

  • Proactively hunt for and research potential malicious activity and incidents across multiple platforms using advanced threat network and host-based/open source tools
  • Use both internal and external threat intelligence to build indicators of compromise into monitoring tools, and be able to integrate these tools with one another to provide data enrichment
  • Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior
  • Ability to automate networking tasks and analysis tasks
  • Be able to document code and automation efforts effectively in a manner understandable to a non-programmer
  • Report common and repeated problems (trend analysis) to management and propose/drive process and technical improvements
  • Provide resolution plans for system and network issues
  • Provide support in the detection, response, mitigation and reporting of real or potential cyber threats to the environment and be able to assist in the automation of these processes
  • Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in cybersecurity operations
  • Provide written and verbal reports and updates to customers/business units
  • Leadership role in providing ongoing knowledge transfer to junior analysts
  • Develop and maintain up-to-date Run-Books and/or Standard Operation Procedures to maintain relevancy, address current/emerging threats and technology, and ensure constant improvement that meets industry standards and emerging attacks and threats
  • Lead and/or support major projects, including new initiatives, capacity, life-cycle management, new products and/or features, and integration
  • Develop process and architecture diagrams
  • Resolve complex networking and other technology issues with multiple parties involved

You have:

  • Track record of six (6+) years of experience as a Level 3 SOC Analyst performing incident handling, sensor alert tracking, and/or cybersecurity case management
  • Must have experience programming in at least one of the following: Python, PowerShell, Bash, Shell Script, Batch, VBScript (Python experience preferable)
  • Must have an understanding of cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis
  • Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
  • Experience and keen understanding of cybersecurity tools, including McAfee SIEM/ePO/VSE/ENS, FireEye NX, Splunk, Quest, ServiceNow, TheHive, Netwitness, Wireshark, and Volatility
  • Network Traffic Analysis, Malware analysis, Raw Packet Captures, database technologies, web application technologies, firewall technologies, etc.
  • Experience with cybersecurity forensics tools and methodologies (disk, file and memory acquisition)
  • Experience in Tabletop exercises
  • Extensive experience with network ports and protocols
  • CSIS, CEH, CSTA, CSTP, GCFE, CISSP, GCIH, GCIA, or GPEN preferred
  • Leading and/or directing security incident response
  • Involvement in threat intelligence and cybersecurity communities

Additional Skills:

  • Strong leadership skills and ability to manage teams and shifts of analysts effectively
  • Experience with providing formal and informal training/instruction and ability to communicate technical details effectively to junior IT personnel and C-level management
  • Willingness to work overtime and adjust to reasonable demands from customer, as and if required
  • Able to multitask and give equal and/or required attention to a variety of functions while under pressure
  • Ability to work independently and take ownership of projects and initiatives
  • Excellent written and verbal communication skills required. Must be able to communicate technical details clearly
  • Experience in developing and maintaining Run-Books and/or Standard Operation Procedures in a SOC environment
  • Strong troubleshooting, reasoning and analytical problem-solving skills
  • Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management
  • Team player with ability to work autonomously

Rose International, New York, NY