Information Security Analyst

Responsibilities:

• Resource will function as a member of the Security Operation Center performing intrusion detection, prevention, and incident response.
• Must be able to operate as a member of a frontline team in security operations, monitoring and analyzing custom alerts and dashboards.
• Provides feedback in assessing new threat vectors and the effectiveness of controls. 
• Leverages advanced investigative skills using best-in-class data correlation and network/packet analysis tools. 
• Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security incidents.

Requirements:

• A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
• 3 to 5 Years of experience.
• Experience in enterprise intrusion analysis, SIEM and incident response.
• The ability to analyze logs from various security devices and web servers.
• Experience doing packet captures and interpreting them (e.g., tcpdump, Wireshark).
• Familiarity with network architecture and security infrastructure placement.
• Understanding of Windows and Unix operating systems, and command line tools.
• Knowledge of attack vectors, threat tactics, kill chain and attacker techniques is a plus.
• Experience with Cloud Incident Response is a plus (e.g., AWS, Azure)·
• Interpersonal skills sufficient to work with both technical and non-technical personnel at various levels in the organization.·        Ability to elicit and communicate technical and non-technical information clearly and concisely.
• An open mind, willingness to be challenged and strong desire to learn·
• Should be flexible to work during different shifts and possibly weekends

Good to have:

• Exposure to incident response of cloud-based and distributed infrastructures is a plus.
• Certifications from SANS, Offensive Security, ISC2 are a plus.