Network Security Analyst

Job Description:

  • Performs network security monitoring and incident response for a large organization, coordinates with other government agencies to record and report incidents.
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Monitors and analyzes Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Knowledge of creating Security Information Event Management (SIEM) tool rules.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event detail and summary information.
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Assists with implementation of counter-measures or mitigating controls
  • Prepares briefings and reports of analysis methodology and results
  • Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
  • Recommend changes to Standard Operating Procedures and other similar documentation
  • Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.

Preferred Skills:

  • The ability to take lead on incident research when appropriate and be able to mentor junior analysts
  • Experience managing cases with enterprise SIEM systems like Symantec, Splunk or Sourcefire
  • Working knowledge of any of the following tools is required: Symantec Endpoint, Wireshark, EnCase, Splunk or other information security tools
  • Conduct research on emerging security threats
  • Provides correlation and trending of Program’s cyber incident activity
  • Develops threat trend analysis reports and metrics
  • Supports CSOC analysis, handling and response activity
  • Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents
  • Author Standard Operating Procedures (SOPs) and training documentation when needed

Experience and Education

  • 3-4 years in an Incident Responder/Handler role
  • An understanding of Cyber Security Incident Response and Network Security Monitoring
  • Fundamental understanding of computer networking (TCP/IP)
  • Knowledge of Windows, Linux and Cisco operating systems and information security
  • Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls and Sourcefire and similar tools preferred
  • Deep packet and log analysis
  • Some Forensic and Malware Analysis
  • Cyber Threat and Intelligence gathering and analysis
  • Bachelor's degree or equivalent experience
  • Knowledge and experience with scripting and programming (Python, Perl, etc.) are also highly preferred

Experis is an Equal Opportunity Employer (EOE/AA)
