Cyber Security Analyst
We are looking for an experienced and motivated network defender to help us protect against network intrusions and system compromises at a globally respected research institution. This position reports to the Cyber Defense Center Manager.
Duties and Responsibilities
- The primary responsibilities of the Cybersecurity Analyst will be monitoring networks for attacks, malicious software and intrusions, performing Incident Response actions, and coordinating remediation of infected systems
- We’re looking for someone passionate about security to monitor, investigate, analyze both raw and normalized network traffic, correlate connected sequences of events, detect and respond to incidents, reconstruct into timelines for analysis, identify malicious network activity, and generally assist in conducting defensive cyberspace operations to protect our organization’s global network infrastructure and intellectual property
- You will have the opportunity to conduct active threat hunting and threat emulation (pen testing) on the network, generate periodic or ad-hoc security reports to provide relevant situational awareness for senior stakeholders, perform cyber threat intelligence analysis and operationalization, operate and tune a suite of tools in our network security infrastructure, facilitate automation, continuously improve our defensive posture and more. We are a small team, so you will have the opportunity to get hands-on experience with a variety of technologies.
Education and Work Experience
- Bachelor’s degree in Computer Science, Network Security or related area desired
- Minimum of 5 years’ experience working in a security operations or network security environment
- Information security certifications (e.g., GCIA, GCIH, OSCP, C|EH) are a plus
Knowledge and Skills
- The ideal candidate will have experience performing network security and traffic analysis, hunting for malicious network activity and initiating response actions. They should also be familiar with the use of SIEMs and different types of network security platforms. The candidate must have a solid understanding of different types of cyber attacks and exploitation methods as well as network security principles.
- Experience with market-leading security systems and products
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
- Ability to use Wireshark, tcpdump and other network analysis tools
Additional Skills, desired but not required
- Experience with an enterprise level SIEM a plus
- Experience in two or more of the following areas is a plus: host forensics, network forensics, malware reverse engineering, pen testing
- Knowledge of the threat landscape, including Advanced Persistent Threat adversaries and cyber threat intelligence
Other Standard Expectations
- Good written and verbal communication skills
- Good analytic and problem-solving skills
- Effective time management. Must be able to work effectively in a team environment.
- A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
- US citizenship and the ability to obtain and maintain a security clearance if you don’t have one already