Cybersecurity Alerts Analyst

Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.  

Description

Title: Cybersecurity Alerts Analyst

Location: Remote

Terms: Full-time

Clearance: Public Trust

Travel: <10%


Position Description

We have an opening for a full-time, Cybersecurity Alerts Analyst to join our talented, dynamic team.

As a Cybersecurity Alerts Analyst, you will play a critical role in supporting the mission of the Veterans Affairs (VA) by monitoring key cybersecurity systems for intrusions and vulnerabilities amongst VA’s application environments.

Veterans are encouraged to apply.

Responsibilities: 

For a Cybersecurity Alerts Analyst, the duties related to Palo Alto's Prisma Cloud tools are highly focused on triage, investigation, and response for cloud-native security events. Unlike an on-premises analyst who might focus on firewall or endpoint logs, this role is centered on the unique risks of the cloud.

Here are some key duties for a Cybersecurity Alerts Analyst:

  • Review and triage alerts generated by Prisma Cloud as the first line of defense and determine whether each alert is a true positive or a false positive.
  • Use Prisma Cloud's features to enrich alerts with critical context: examine the affected asset (e.g., a container, serverless function, or virtual machine), its environment (e.g., production vs. development), its network exposure, and any associated user or service identities to quickly determine severity and business impact.
  • Prioritize the most critical alerts using Prisma Cloud's risk scoring and attack path analysis, focusing on incidents that show a clear path to sensitive data or a known exploitable vulnerability, rather than simply responding to every low-severity misconfiguration.
  • Perform a deeper investigation of true positive alerts, pivoting from the alert to the associated logs, network traffic, and forensic data within Prisma Cloud's dashboard.
  • Proactively use Prisma Cloud's tools to hunt for potential threats that haven't triggered an alert. This can involve searching for anomalous activity, suspicious network connections, or unauthorized changes to cloud configurations.
  • Identify the root cause of each incident. For example, if a container has a vulnerability, investigate why that container was allowed into production in the first place; if a user has overly permissive access, look into the reason behind it.
  • Work with security orchestration, automation, and response (SOAR) playbooks, often integrated with Prisma Cloud, to trigger automated response actions. This could involve an automated process to disable a compromised user account or a "virtual patch" on a host to prevent an exploit.
  • Provide the technical team with specific, actionable remediation steps where automation isn't possible. This could be as simple as telling a DevOps engineer which misconfigured S3 bucket to lock down.
  • Document the investigation and provide clear, concise communication to stakeholders, escalating high-priority incidents to senior analysts or incident response teams and ensuring they have all the necessary context to take over.
  • Fine-tune Prisma Cloud policies to reduce "alert fatigue": when a rule consistently produces false positives, work with senior engineers or the DevOps team to adjust the policy or exclude specific resources.
  • Create new detection rules based on emerging threats or new compliance requirements, using Prisma Cloud's policy-as-code capabilities.

Requirements

  • Bachelor's Degree or higher - equivalent experience may be considered in lieu of a degree.
  • 3 years' experience with a SIEM tool (Splunk, Exabeam, SentinelOne, QRadar, Sumo Logic, etc.); 5 years without a degree.

Desired

  • XSIAM and Prisma Cloud experience a plus.
  • Experience with Agile project management methods and frameworks such as SCRUM.
  • Exceptional written and verbal communication skills.
  • Strong planning, organizational, and time management skills.
  • Exceptional analytical and conceptual thinking skills.
  • Strong leadership skills and ability to work collaboratively with a team of peers.

___________________________________________________________________________________________________________

Here at Harmonia we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day.  Some of these recognitions include:  

  • Recognized as a Top 20 "Best Place to Work in Virginia"
  • Recipient of Department of Labor's HireVets Gold Medallion
  • Great Place to Work Certification for five years running
  • A Virginia Chamber of Commerce Fantastic 50 company
  • A Northern Virginia Technology Council Tech 100 company 
  • Inc. 5000 list of fastest growing companies for eleven years
  • Two-time SBA SBIR Tibbett's Award winner
  • Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Harmonia family!   In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to

  • Traditional and HSA-eligible medical insurance plans
  • 100% employer-paid dental and vision insurance options 
  • 100% employer-sponsored STD, LTD, and life insurance
  • 5% 401(k) company matching
  • Flexible schedules and teleworking options
  • Paid holidays and PTO Accrual Plans
  • Paid Parental Leave
  • Professional development and career growth opportunities 
  • Team and company-wide events, recognition, and appreciation-- and so much more! 

Check out our LinkedIn, Facebook, and Instagram to find out a little more about who we are and if we are the right next step for your career!

Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans.  To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily.  Other duties in addition to those listed may be assigned as necessary to meet business needs.  Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job.  If you are in need of an accommodation, please contact [email protected].  
