Cyber Security Analyst (SOC)

Qualifications:

• SIEM administration, configuration, and optimization experience with platforms such as Alien Vault, IBM QRadar, ArcSight or LogRhythm
• Threat hunting experience
• Malware reverse engineering and outbreak management experience
• Experience participating in and acting as an escalation point for complex network threat investigations
• Linux command line experience
• Experience and knowledge of public cloud environments, specifically AWS and Azure
• Knowledge of regular expressions and data normalization
• Experience configuring, integrating, and monitoring endpoint protection solutions such as Cylance, Carbon Black, or CrowdStrike
• Understanding of network protocols coupled with experience with web proxies, web application firewalls, and vulnerability assessment tools.
• Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving abilities
• Positive attitude with strong oral and written communication skills
• Knowledge of IP networking and network security including Intrusion Detection
• Familiarity with common network vulnerability/penetration testing tools
• Familiarity with service management software such as ServiceNow
• Familiarity with data visualization platforms such as Domo
• Some experience with system hardening guidance and tools
• Experience on an incident response team performing Tier I/II initial incident triage, desired
• Experience supporting clients and serving as a technical advisor
• Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment requiring flexibility and responsiveness to client matters and needs

Certifications or work toward any of the following is strongly desired:

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Network Forensic Analyst (GNFA)
• Cisco Certified Network Associate (CCNA)