IT | Dallas, TX | Full Time
On behalf of our client, we are looking for a Security Analyst who will be responsible for managing threats and vulnerabilities in target systems, networks, and applications at an enterprise level. This role is also responsible for partnering with the managed security services partner (MSSP) in the operation and maintenance of information security systems, frequent review of security logs, security project support, compliance monitoring, incident response, and vulnerability management. The ideal candidate will be able to work effectively in a fast-paced setting, bring a fresh perspective to the security program, and be passionate about protecting, defending, and responding to information security-related events.
This role does not require you to be on-site.
Essential Functions and Major Activities (in order of importance):
1. Manage the processes responsible for the analysis of and response to security threats (malicious code, indicators of compromise, attacker profiling, zero-day exploits, OEM weaknesses, intrusion logging, etc.) in order to proactively prepare for security events.
Manage security controls such as phishing defenses, endpoint detection and response (EDR), intrusion detection, and SIEM.
Respond to and triage level 3 threat alerts escalated by MSSP level 1 and level 2 analysts; monitor industry resources, threat intelligence, new technical developments, intruder activity, and related trends to help identify threats to the business.
Conduct vulnerability analysis using vulnerability analysis tools, threat intelligence, and agency and industry resources covering the latest vulnerabilities and exploits; use a risk-based approach to qualify threats and develop mitigation strategies.
Lead incident handling processes, e.g. incident discovery, analysis, and verification; incident tracking; containment and recovery; incident response coordination; and notification.
Perform malware analysis, forensics, and threat modeling.
Prepare companywide security advisories and security information bulletins.
Develop and document standard operating procedures (SOPs) and compile incident reports.
Proactively monitor and respond to known and emerging threats against the network and endpoints.
Perform complex data analysis in support of security event management processes.
2. Provide event and anomaly detection that requires long-term analysis and deep-dive investigation into internal systems and network activity.
Provide analysis and information gathering to deliver situational awareness and actionable intelligence.
Strive for continuous improvement and make recommendations to further mature the security program.
Participate cross-functionally across IT and business tiers to provide consultation on complex security issues.
Perform web application vulnerability scanning, detection, assessment, and mitigation.
Monitor and configure intrusion detection and prevention system (IDS/IPS) operations.
Maintain information security operational metrics (e.g., number of incidents, types of incidents).
Take a leadership role in overseeing security issues, projects, and risk management across the enterprise.
Education and Experience:
1. Bachelor's degree in MIS or Computer Science preferred, or a relevant concentration.
Minimum of 5-7 years of overall cybersecurity and compliance management experience, including triaging security and intrusion events.
Minimum of 5-7 years of IT security testing (e.g., penetration testing, web application security assessments, vulnerability assessments, and technical security assessments).
Minimum of 5-7 years of cloud, endpoint, server, database, application, and network security hardening experience (e.g., design, recommend and implement security hardening technical controls).
Possess one or more of the following certifications: CISSP, CISM, CEH, GWAPT, GPEN, GCWN, GCUX, or OSCP.
Strong understanding of SIEM, EDR, threat intelligence, and IDS technologies.
Experience in analyzing logs to correlate threats and adversarial activity.
Experience with and comprehensive knowledge of networking (routing, firewalls, load balancing, etc.) and network traffic analysis.
Strong analytical, documentation, and communication skills.
Strong understanding of endpoint (OS), identity (AD), cloud (Azure, Google, AWS), and application (ERP, CRM, web) technologies.
2. Core understanding of CCPA, GDPR, and other data privacy regulations.
Third-party risk assessment analysis and review.
Legal contract reviews related to cybersecurity protections with external entities.
Phishing training and awareness programs.
Leading efforts to develop BIA, BCP, and DR plans.