Cybersecurity Threat Analyst
Jacksonville, FL 
Posted 5 days ago
Job Description
Role: Cybersecurity Threat Analyst
Duration: 6 months (potential for extension)
Location: 100% Remote

4800 Deerwood Campus Parkway, Building 100, Jacksonville, Florida, United States, 32246

Note:

The manager is looking for someone with strong logic skills and experience developing the alerts within the SIEM, rather than only responding to the alerts from the SIEM. Programming experience (writing scripts, PowerShell, etc.) would be good too.

This is a role on the corporate Cyber Incident Response team.
Looking for someone strong with SIEM. GCDA certification (not required) or similar hands-on SIEM experience, preferably with a variety of SIEM and/or EDR/XDR products. Should be able to write detections within a SIEM and understand the differences between detecting the activity, detecting the results of the activity, and detecting deviations from the norm. Able to follow SDLC processes for rule development, with strong documentation skills.
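The three detection styles the note distinguishes are easiest to see side by side. The following Python rule set is an added example, not code from the posting or the hiring company; it runs over constructed Windows Security events (one JSON object per line, the shape a SIEM exposes after field normalisation). Event IDs 4688 (process creation), 4720 (account created) and 4625 (failed logon) are real Windows Security event IDs; every log line, host name and baseline count is constructed for the example, and the z-score threshold and its floor are design choices, not a vendor default.

```python
import json
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed sample telemetry (not real logs): Windows Security events flattened to
# one JSON object per line.
SAMPLE_LOG = r"""
{"ts":"2024-05-01T09:00:01","host":"WS01","user":"alice","event_id":4688,"cmdline":"C:\\Windows\\System32\\net.exe user svc_backup P@ssw0rd /add"}
{"ts":"2024-05-01T09:00:02","host":"WS01","user":"alice","event_id":4720,"target_user":"svc_backup"}
{"ts":"2024-05-01T09:05:00","host":"WS02","user":"bob","event_id":4688,"cmdline":"powershell.exe -NoProfile -Command New-LocalUser helper -NoPassword"}
{"ts":"2024-05-01T09:05:01","host":"WS02","user":"bob","event_id":4720,"target_user":"helper"}
{"ts":"2024-05-01T09:10:00","host":"WS03","user":"carol","event_id":4688,"cmdline":"net.exe user tmp Secret1 /add"}
"""
# Constructed failed logons (4625) for the same day: two on WS01 (normal), eight on WS02.
SAMPLE_LOG += "".join(
    json.dumps({"ts": f"2024-05-01T10:{i:02d}:00", "host": host,
                "event_id": 4625, "logon_type": 3}) + "\n"
    for host, n in (("WS01", 2), ("WS02", 8)) for i in range(n)
)

# Constructed per-host history of daily 4625 counts over the previous seven days.
BASELINE_FAILED_LOGONS = {
    "WS01": [2, 1, 3, 2, 2, 1, 3],
    "WS02": [0, 1, 0, 1, 0, 0, 1],
}

# Signature for the classic local-account-creation command line.
ACCOUNT_ADD = re.compile(r"\bnet1?(?:\.exe)?\s+user\s+\S+\s+\S+\s+/add\b", re.IGNORECASE)


def parse_events(text):
    """One JSON object per non-empty line -> list of dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect_activity(events):
    """ACTIVITY rule: a process-creation event whose command line is
    `net user <name> <password> /add`. Fires on the attempt even if it failed
    (WS03 below never gets a 4720), but misses the same outcome reached through
    other tooling (WS02 used PowerShell's New-LocalUser)."""
    return [e for e in events
            if e.get("event_id") == 4688 and ACCOUNT_ADD.search(e.get("cmdline", ""))]


def detect_result(events):
    """RESULT rule: event 4720 means an account really was created, whatever
    tool did it. Confirms impact, but says nothing about failed attempts."""
    return [e for e in events if e.get("event_id") == 4720]


def detect_deviation(events, baseline, z=3.0, min_sigma=1.0):
    """DEVIATION rule: today's per-host 4625 count against that host's own
    history. No signature, no outcome, just 'unusual for this host'.
    Returns (host, count, threshold) for hosts above mean + z * sigma."""
    today = Counter(e["host"] for e in events if e.get("event_id") == 4625)
    alerts = []
    for host, count in sorted(today.items()):
        history = baseline.get(host)
        if not history:  # no history means no norm to deviate from; seed a baseline first
            continue
        sigma = max(pstdev(history), min_sigma)  # floor keeps a flat history from firing on one event
        threshold = mean(history) + z * sigma
        if count > threshold:
            alerts.append((host, count, round(threshold, 2)))
    return alerts


def run_rules(log_text, baseline):
    """Run all three rule types and summarise what each one flagged."""
    events = parse_events(log_text)
    return {
        "activity": [e["host"] for e in detect_activity(events)],
        "result": [(e["host"], e["target_user"]) for e in detect_result(events)],
        "deviation": [host for host, _, _ in detect_deviation(events, baseline)],
    }


if __name__ == "__main__":
    for rule, hits in run_rules(SAMPLE_LOG, BASELINE_FAILED_LOGONS).items():
        print(f"{rule:10s} -> {hits}")
```

Run stand-alone, the activity rule flags WS01 and WS03 (the WS03 hit is an attempt with no matching 4720, so it is worth a look but is not a confirmed account), the result rule flags WS01 and WS02 (catching the PowerShell path the signature missed), and the deviation rule flags only WS02. Each rule has a blind spot the others cover, which is why a mature rule set carries all three kinds and documents, per rule, which of them it is.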

Job Summary:
The Cybersecurity Threat Analyst, under limited supervision, develops, maintains, and implements comprehensive information security monitoring and threat analysis processes and programs. Cybersecurity Threat Analysts assist with defining cybersecurity event response policies, processes and standards for large and complex environments. They are responsible for comprehensive threat analysis, including recommending the appropriate course of action and escalation. They perform various cybersecurity assessments to identify deviations from standard security configurations, inappropriate modifications or activities, and proactively identify weaknesses in safeguards. They assist with cyber event response by cooperating with third-party incident response teams and law enforcement agencies, providing logs, reports, alert notifications, and other requested information.

Essential Functions
  • The essential functions listed represent the major duties of this role; additional duties may be assigned.
  • Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks and threats.
  • Proactively and automatically correlates and analyzes threat data from various sources, and analyzes network events to establish the identity and modus operandi of malicious users active in the computing environment or posing potential threats to it.
  • Independently, but with some guidance from a Senior Cybersecurity Threat Analyst, conducts industry research and technical evaluation of all-source and vendor-supplied intelligence, with specific emphasis on network operations and advanced, sophisticated cyber tactics, techniques, and procedures.
  • Prepares assessments and cyber threat profiles of current events based on collection, research and analysis of open-source information.
  • Proven technical knowledge of security architecture, tools and controls, with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and/or threats.
  • Proven technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
  • Demonstrated knowledge of information threat analysis and detection concepts and principles and impact
  • Works with vendors and manages vendor performance, including applicable service level agreements.
  • Conducts and, at times, leads root cause analysis of any monitoring alerts and threats identified by third-party vendor, or internal systems and workforce. Once root cause is determined, proposes and works with other teams, if required, to implement appropriate security controls and solutions that will mitigate risk and vulnerabilities, as well as safeguard our systems and data.
  • Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
  • Periodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threats
  • Develops and maintains documentation of security monitoring activities, threat response procedures and security diagrams
  • Assists with remediation actions resulting from threat and vulnerability assessments or audits.
  • Provides training to others on security capabilities, processes, procedures and operational tasks

Required Work Experience
  • 5+ years related work experience
  • 4+ years in cybersecurity and 1+ years in information technology infrastructure
Required Education
  • Related Bachelor's degree (e.g., Computer Information Systems with Cybersecurity) or additional related equivalent work experience
Required Licenses and Certifications
  • Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) (within 180 Days if converted to FTE)
Additional Required Qualifications:
  • Strong technical knowledge of security architecture, tools and controls, with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and/or threats
  • Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
  • Demonstrated knowledge of information threat analysis and detection concepts and principles and impact
  • Experience working with vendors and managing vendor performance and service level agreements
  • Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
  • Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols).
  • Experience developing, documenting and maintaining security procedures.
  • In-depth knowledge of operating systems and security applications
  • Demonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
  • Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
  • Ability to manage tasks independently and take ownership of responsibilities
  • Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
  • Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
  • Ability to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders.
Additional Preferred Qualifications:
  • Exposure to project management methodologies such as Waterfall, Agile, Lean or SAFe
Note: The Company is committed to complying with the California Privacy Rights Act ("CPRA") effective January 1, 2023; and all data privacy laws in the jurisdictions in which it recruits and hires employees. A Notice to California Job Applicants Regarding the Collection of Personal Information can be located on our website. Applicants with disabilities may access this notice in an alternative format by contacting NAhr@spectraforce.com.
SPECTRAFORCE is an equal opportunity employer and does not discriminate against any employee or applicant for employment because of race, religion, color, sex, national origin, age, sexual orientation, gender identity, genetic information, disability or veteran status, or any other category protected by applicable federal, state, or local laws. Please contact Human Resources at nahr@spectraforce.com if you require reasonable accommodation.

 

Job Summary
Start Date: As soon as possible
Employment Term and Type: Regular, Full Time
Required Education: Bachelor's Degree
Required Experience: 5+ years