Information Security Analyst

This job is no longer active. View similar jobs.

POST DATE 9/15/2016
END DATE 10/24/2016

Modis Durham, NC

Company
Modis
Job Classification
Full Time
Company Ref #
23181066.21601014
AJE Ref #
576182956
Location
Durham, NC
Job Type
Regular
Required Licenses/Certifications
df-aj

JOB DESCRIPTION

APPLY
span Job Title: Information Security Analyst- Tier 1 br   br Job Description: Information Security Analyst Tier 1The Information Security Analyst is a security professional knowledgeable about information security alerting, threat trends, security event telemetry, intrusion analysis, malware, and anomalous behavior. The Analyst reviews security alerts and correlates telemetry to discern whether the traffic is malicious and actionable, then quickly resolves alerts through escalation to Information Security Analyst Tier 2 or Information Security Investigator or suppression as false positives. The Analyst directs his work according to the MSS Operations Playbook, and hunts through large volumes of alerts and telemetry to find security breaches. The Analyst constrains his investigation to a brief review, escalating cases requiring more detailed investigation and suppressing the rest. The Analyst works in an assigned shift, and is required to be present physically and via secure messaging such as IRC and Cisco Jabber; constant interaction with the SOC staff is required. br   br Security Analyst Duties br • Align security alert review and analysis to prescribed Managed Security Services Operations br Playbook br • Conduct introductory analysis into security breaches at customer sites using high-fidelity alerts and br tools within Customer environment, Cisco, and online. br • Review alerts generated by: br • security detection tools, br • correlate with device logs, br • and other forms of available telemetry br • Interpret the above data in the security analysis process br • Maintain up-to-date information in alert handling tools br • Where Customer SLA governs timing, the Analyst must work within the timing bounds to br acknowledge and resolve alerts br • Vigilantly protect Customer data confidentiality and integrity, ensuring proper handling and protection br electronically, physically, and verbally br • Work in assigned shift and ensure shift is covered personally. br • Document best practices with the SOC staff using available collaboration tools and workspaces br   br Desired Technical Skills and Qualifications br • Working knowledge of the Windows operating systems br • Working knowledge of Linux / UNIX operating systems br • Experience with Snort or other open source intrusion detection tools br • Working knowledge of Next-Generation Intrusion Prevention System br • Detailed understanding of the TCP/IP networking stack br • Working knowledge of NetFlow technology br • Working knowledge of Full-Packet Capture technologies br • Understanding of the typical client-side and server-side attack chain at the Network and Endpoint level br • Understanding of modern malware threats br • Understanding of the common Network Security technologies and products in the Campus, Data Center and Internet Edge. br   br   br Desired Experience and Certifications br • BS in a technical field (Computer Science / Computer Security / Cybersecurity / Computer br Networking preferred) or equivalent br • 2+ years of professional experience in the IT security industry br • can substitute with own research, formal cybersecurity education and university studies br • SOC operations environment experience br • Sourcefire Certified Professional (SFCP) br • CCNA Security certification br • GCIA or GCIH certification br • Wireshark Certified Network Analyst certification a plus br&gt