Security Analyst - Night Shift
IT | Denver, CO | Full Time
Job Description
Responsibilities:
- Monitoring and analyzing logs and alerts from a variety of technologies (IDS/IPS, Firewall, Proxies, Anti-Virus, SIEM, etc.) across multiple platforms
- Assessing the security impact of security alerts and traffic anomalies on networks
- Creating comprehensive security write-ups that articulate security issues, analysis, and remediation techniques
- Escalating and explaining security incidents
- Maintaining a strong awareness and understanding of the current threat landscape
- Conducting research on emerging security threats
- Monitor information security alerts through the use of SIEM to respond, triage, and escalate as needed
- Review and respond to security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives
- Perform day-to-day security log review and analysis in adherence with SOX & PCI requirements, as well as industry security best practices
- Perform technical analysis of network activity; monitor and evaluate network flow
- Responsible for reporting, escalating, and remediating anomalous events based on the established protocol
- Participate in root cause analysis of critical events for improving preventative and reactive processes
- Works with senior leadership to tune and maintain the SIEM (Security Information and Event Management) as needed; develop SIEM use cases to enhance monitoring capabilities
- Responsible for gathering and responding to all assessment/audit requests for information
Must be willing to work night shifts. Hours are 7pm-5am 4 days a week.
Job Requirements:
- 1 – 3 years of IT experience, preferably in IT security and/or network infrastructure
- Strong working knowledge reviewing IDS, Firewall, and other security logs
- Experience with monitoring Security Information and Event Management (SIEM) solutions and analyzing SIEM data
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
- Understanding of Anti-Virus solutions, Intrusion Detection/Prevention Systems, Firewalls, Vulnerability Assessment tools, Web Proxies, and Active Directory
- Well versed in network protocols
- Well versed in the latest attacks, vulnerabilities, and trends associated with cybersecurity
- Excellent communication skills with the ability to provide the appropriate level of detail (verbal and written) to both technical and non-technical personnel