Cyber Security Analyst I
PacketWatch is a privately-owned boutique cybersecurity consulting firm that delivers enterprise-class security services to identify, detect, and respond to cyber-threats that have circumvented traditional information security controls. Our experienced consultants, threat hunters, forensic experts, and cyber security analysts help organizations gain confidence in their security posture with assessment, managed security, and incident response services. The team uses a proprietary full-packet-capture network monitoring, analysis, and investigation platform to improve the visibility of network anomalies, enrich cases with intelligence, and resolve complex incidents quickly.
As a customer-facing member of the Service Delivery Team, the Cyber Security Analyst I (Specialist) will perform initial triage, investigation and escalations; investigate alerts and alarms to provide details for the incident response team; serve as an initial point of contact for investigation and remediation; assess vulnerability and threat data from a variety of sources to provide actionable intelligence to internal consumers; implement countermeasures and maintain and enhance the defenses for internal information systems and resources; and serve as the front line of defense for internal and clients' assets, with clear vision and situational awareness in a persistent, dynamic, and highly complex threat environment.
In addition, the Cyber Security Analyst I (Specialist) will:
- Utilize PacketWatch and third-party endpoint detection and response technologies to investigate, assess and remediate endpoint and network-based threats;
- Utilize related security automation and orchestration tools to communicate security events and incidents to the applicable Incident Response Team personnel and/or management, and recommend security actions according to daily checklists;
- Perform initial investigations on mixed Linux, Mac and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications;
- Coordinate with internal infrastructure support teams to maintain/troubleshoot security tools and monitoring integrity;
- Provide front-line support for PacketWatch MDR and IR clients as required;
- Work as part of a larger dynamic team in a contributive, supportive and respectful manner;
- Document actions taken and observed IOCs, and maintain metrics and proper reporting of observations.
Requirements / Profile
The ideal candidate will be passionate about cyber security, assessing threats, detecting adversary tactics and techniques, and providing excellent client support and satisfaction. He or she will enjoy the details of day-to-day tactical execution of monitoring, intrusion analysis and incident response. He or she must be a self-driven, team-oriented, and highly motivated technology professional with some experience in endpoint security analysis, network security monitoring (NSM), Security Information and Event Management (SIEM) systems, next-generation security devices, forensics, and/or incident response.
The successful candidate will possess the following required skills/attributes:
- Possess a core understanding of security concepts and techniques, with demonstrated knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/Mac/Linux), and web technologies (IIS, Apache);
- Demonstrated ability to collect, read and interpret system data, including, but not limited to, security event logs, system logs, and firewall logs;
- Grasps and applies new information quickly and handles complex assignments; communicates well; demonstrates initiative on assignments, demonstrating problem solving skills; exercises independent judgment and professionally executes projects with little direction; and
- Ability to work weekends, holidays, or non-traditional schedules as needed. Must be able to work in the US without sponsorship.
Qualifications for Success
- Hands-on administrative experience with major operating systems (Windows, OSX, Linux);
- Traditional network monitoring experience (packet/protocol analysis);
- Foundational experience in any of the following areas including: hardware, networking, authentication, architecture, protocols, file systems and operating systems, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), network security monitoring (NSM), SIEM, endpoint detection and response systems, vulnerability management, incident response, and investigations and remediation;
- Relevant industry certifications (e.g. CISSP, GSEC, GCIH or Sec+, MCSE, CCNA, CWNA and/or Net+);
- Knowledge of trouble isolation, log analysis, data and event correlation and analysis;
- Competence with scripting languages and technologies (PowerShell, Python, Ruby, Java);
- Effectively develop documentation and explain technical details in a concise, understandable manner; and
- Strong time management skills to balance time among multiple tasks.
Scottsdale, Arizona, United States
Send your resume and cover letter for this Cyber Security Analyst I (Specialist) position to firstname.lastname@example.org