Senior Security Analyst
IT | Denver, CO | Full Time
DirectDefense has an immediate opening on our Security Operations team. This is an elite team of Security Analysts who do not merely monitor for attacks and malware, they actively and aggressively hunt for the evidence of compromise within our client's environments. As a Security Analyst, you will be part of a revolution in managed security. You will work with brilliant people to spot, track, and eradicate hackers and malware. You will also be in on the ground floor of building a next-generation Security Operations Center.
Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, AntiVirus, SIEM, etc…), across multiple platforms
Assessing the security impact of security alerts and traffic anomalies on networks
Creating comprehensive security write-ups which articulate security issues, analysis, and remediation techniques
Training and mentoring security team members, to include the development, monitoring, and evaluation of training plans
IT Security-related problem-solving, critical thinking and analysis – to include architecting, deploying and troubleshoot technology which you may be previously unfamiliar with
Program management and tracking
Escalating and explaining security incidents
Conducting in-depth reporting, including collecting data, analyzing data, synthesizing intelligence, building reports, delivering reports to client audiences, and expounding on data specifics as required
Maintaining a strong awareness and understanding of the current threat landscape
Conducting research on emerging security threats
Monitor information security alerts through the use of SIEM to respond, triage, and escalate as needed
Review and respond to security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives
Perform day-to-day security log review and analysis in adherence with SOX & PCI requirements, as well as industry security best practices
Technical analysis of network activity, monitor and evaluate network flow
Responsible for reporting, escalating, and remediating anomalous events based on the established protocol
Participate in root cause analysis of critical events for improving preventative and reactive processes
Tune and maintain the SIEM (Security Information and Event Management) as needed; develop SIEM use cases to enhance monitoring capabilities
Responsible for gathering and responding to all assessment/audit requests for information
Act as an on-call point of escalation
Evening, weekend and holiday work will be required as job duties demand
Exceptional knowledge and understanding of the creation/implementation of secure networks, firewalls, and intrusion detection/prevention systems.
Advanced knowledge regarding common attacks, attack methods, and defense architectures.
Expert level experience in Enterprise Security Technologies in areas such as IPS/IDS, SIEM, VPN, PKI, NAC, Firewalls and vulnerability scanning tools.
Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team, undertaking and completing project tasks on schedule with minimal to no supervision.
Experience effectively engaging with internal and external personnel at the peer and executive management levels.
Experience with Information Security Policy and Procedure development and implementation.
Knowledge of Information Security risk assessment methodologies and standards.
Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers.
Bachelor of Science Degree in Systems Engineering, Electrical Engineering, Computer Sciences, Computer Engineering, Information Security, or other related engineering degrees, or equivalent experience.
Industry recognized security certifications; CISSP: Certified Information Systems Security Professional, CISM: Certified Information Security Manager, GIAC: SANS Global Information Assurance Certification, etc.