PacketWatch is seeking an experienced Cyber Security Analyst I (Specialist) to join our team.
Cyber Security Analyst I Responsibilities
As a customer-facing member of the Service Delivery Team, the Cyber Security Analyst I (Specialist) will perform initial triage, investigation and escalations; investigate alerts and alarms to provide details for incident response team; serve as an initial point of contact for investigation and remediation; assess vulnerability and threat data from a variety of sources to provide actionable intelligence to internal consumers; implement countermeasures and maintain and enhance the defenses for internal information systems and resources; front line of defense for internal and clients’ assets with clear vision and situational awareness in a persistent, dynamic, and highly complex threat environment.
In addition, the Cyber Security Analyst I (Specialist) will:
Utilize PacketWatch and third-party endpoint detection and response technologies to investigate, assess and remediate endpoint and network-based threats;
Utilize related security automation and orchestration tools communicate security events and incidents to the applicable Incident Response Team personnel and/or management and recommend security actions according to daily checklists;
Perform initial investigations on mixed Linux, Mac and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications;
Coordinate with internal infrastructure support teams to maintain/trouble shoot security tools and monitoring integrity;
Provide front-line support for PacketWatch MDR and IR clients as required;
Working as part of a larger dynamic team in a contributive, supportive and respectful manner.
Document actions taken, observed IOCs, maintain metrics and proper reporting of observations.
Cyber Security Analyst I Profile
The ideal candidate will be passionate about cyber security, assessing threats, detecting adversary tactics and techniques, and providing excellent client support and satisfaction. He or she will enjoy the details of day-to-day tactical execution of monitoring, intrusion analysis and incident response. He or she must be a self-driven, team oriented, and highly motivated technology professional familiar with some experience in endpoint security analysis, network security monitoring (NSM), Security Incident and Event Management (SIEM) systems, next generation security devices, forensics, and/or incident response.
The successful candidate will possess the following required skills/attributes:
Possessing a core understanding of security concepts and techniques; demonstrated knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/Mac/Linux), and web technologies (IIS, Apache);
Demonstrated ability to collect, read and interpret system data, including, but not limited to, security event logs, system logs, and firewall logs;
Grasps and applies new information quickly and handles complex assignments; communicates well; demonstrates initiative on assignments, demonstrating problem solving skills; exercises independent judgment and professionally executes projects with little direction; and
Ability to work weekends, holidays, or non-traditional schedules as needed. Must be able to work in the US without sponsorship.
Cyber Security Analyst I Requirements
Hands-on administrative experience with major operating systems (Windows, OSX, Linux);
Traditional network monitoring experience (packet/protocol analysis);
Foundational experience in any of the following areas including: hardware, networking, authentication, architecture, protocols, file systems and operating systems, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), network security monitoring (NSM), SIEM, endpoint detection and response systems, vulnerability management, incident response, and investigations and remediation;
Relevant Industry certifications (e.g. CISSP, GSEC, GCIH or Sec+, MSCE, CCNA, CWNA and/or Net+);
Knowledge of trouble isolation, log analysis, data and event correlation and analysis;
Competence with scripting languages and technologies (PowerShell. Python, Ruby, Java);
Effectively develop documentation and explain technical details in a concise, understandable manner; and
Strong time management skills to balance time among multiple tasks.
PacketWatch Employee Benefits
Medical, Dental, Vision, and Life Insurance policies
Paid Time Off (PTO) and 10 Paid Holidays
Opportunities for career development (continuing education and certifications)