Security Analyst

Job Details:

Analyze and determine the scope of threats to the enterprise, vulnerabilities in software, and determine how our company will best defend itself against these threats. Monitor third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities and exploits. Verify vulnerabilities; correlate and collate the information; and develop, edit, and deliver security reports to enterprise-level customers. On occasion replicate reported vulnerabilities in a lab environment and, where appropriate, develop proof of concept and/or exploit tools against these vulnerabilities.

Perform duties across several cyber disciplines; activities may include:

  • Intelligence Analysis:
    • Develop and provide threat and situational intelligence leveraging proprietary enterprise data, as well as a variety of external sources and open source data.
    • Actively monitor and research cyber threats with a direct or indirect impact to the OCC brand, business operations, or technology infrastructure.
    • Develop and support briefings to Security management as a cyber intelligence subject matter expert.
    • Create and conduct presentations on current threats and related IT Security topics.
    • Provide monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.
  • Network Security Operations Analysis:
    • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
  • Incident Management and Forensic Analysis:
    • Participate in cyber security incident response activities, including investigation, coordination, and reporting.
    • Assist in the collection and preservation of evidence associated with cyber security incident response activities following industry best practices and established procedures.
    • Develop and support briefings to Security management as a cyber-forensic subject matter expert.
  • Proven team player, will be working individually and with other staff members, on both long-term projects and rapid response under tight deadlines.
  • Effective and excellent oral and written communication, analytical, judgment and consultation skills.
  • Ability to effectively communicate in both formal and informal review settings with all levels of management.
  • Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources.
  • Ability to work with local and remote IT staff/management, vendors and consultants.
  • Ability to work independently and possess strong project management skills
  • Implementation and maintenance of SIEM (ArcSight, IBM Qradar, McAfee NitroSecurity, etc.)
  • Forensic analysis tools (MIR, EnCase, FTK)
  • Malware analysis tools (dynamic and static)
  • Vulnerability assessment tools (Qualys, ISS Scanner, nmap, etc.)
  • Secure Web Gateway (BlueCoat, Microsoft Forefront)
  • Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
  • Encryption technologies (PGP, PKI and X.509)
  • Standard technical writing tools including MS Word, Excel, Project and Visio
  • Familiarity with:
    • Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
    • Proxy and caching services.
    • Client/server platforms including Sun Solaris, Windows, Linux.
    • Operating system hardening procedures (Solaris, Linux, Windows, etc.)
    • LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP).
