Description
An ideal analyst will be responsible for supporting computer network defense, including auditing the network for vulnerabilities, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. This is an on-site position in our Linthicum, MD facility.
Responsibilities
- Conducts network monitoring and intrusion detection analysis using various cybersecurity tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, SIEM, vulnerability management, and Host-Based IDS (HIDS)
- Correlates network activity across networks to identify trends of unauthorized use
- Reviews alerts and data from sensors and documents formal, technical incident reports
- Tracks, updates and closes tickets expeditiously
- Researches emerging threats and vulnerabilities to aid in the identification of network incidents
- Analyzes data from threat and vulnerability feeds for applicability to clients
- Identifies and resolves false positive findings in assessment results
- Answers SOC phones in a professional manner
- Makes real-time decisions about incidents as they occur
- Plans, develops, and executes vulnerability scans of organization information systems
- Completes and reviews documentation for projects or any operational effort
- Provides system performance monitoring and troubleshooting
- Maintains current knowledge of relevant technology as assigned
- Other activities as assigned
Requirements
Competencies Required
- Experience analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers
- Technical expertise in system security vulnerabilities and remediation techniques, and in network and web-related protocols (e.g., TCP/IP, UDP, IPsec, HTTP)
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- An understanding of organizational mission, values, and goals and consistent application of this knowledge
Qualifications
- Progression toward an associate or undergraduate degree in Cybersecurity, Computer Science or related field
- Coursework in intrusion detection and penetration testing
- Effective communication with employees, supervisors/managers and staff
- Effective communication with clients and vendors
Physical Requirements
- Position is based in our Linthicum, MD Security Operations Center (SOC)
- Initial orientation and job training will occur during traditional work hours (i.e., 8:30a to 5p), M-F
- Once qualified, employees will fill a shift. Some overnights and weekends are expected.
Certifications
Security+ Required, or able to acquire within 3 months of start date.