
Cyber Security Analyst

Motion Recruitment

This is a Full-time position in Phoenix, AZ posted August 3, 2021.

We’re working with a privately-owned cybersecurity consulting firm that delivers enterprise-class security services to identify, detect, and respond to cyber-threats that have circumvented traditional information security controls. This firm uses a proprietary full-packet capture, network monitoring, analysis, and investigation platform to visualize and discover abnormal network activity and patterns over time. Their core market is midsize and enterprise organizations, whose security posture they strengthen with assessment, managed security, and incident response services. Services include Network Security Assessment (NSA), Managed Detection and Response (MDR), Enterprise Services, Incident Response (IR), and Advisory Services. All services are custom-configured, allowing clients to leverage internal cybersecurity tools, resources, and procedures, as required. Their custom dashboards provide information technology and cybersecurity professionals with total visibility of their network, integrating full packet capture, intrusion detection, extensive intelligence, and network replay to investigate unusual network activities. Gold-standard managed detection and response services allow midsize and enterprise clients to add threat hunting activities and expertise to their teams quickly.

Responsibilities

As a member of the Security Team, the Cyber Security Analyst II is well-versed in hunting, triaging, analyzing, and investigating potential security incidents and threats across our diverse client base. Major duties include:

• Supporting complex security incidents and investigations.
• Conducting host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
• Utilizing internal and 3rd-party endpoint detection and response (EDR) technologies to conduct large-scale investigations and examine endpoint and network-based sources of evidence.
• Recognizing and codifying attacker TTPs (tools, tactics, and procedures) and IOCs (indicators of compromise) for application to concurrent or future investigations.
• Building scripts, queries, or methodologies to facilitate incident investigation processes.
• Developing and presenting readable yet comprehensive and accurate reports and presentations for both technical and executive audiences.
• Working with clients’ security and IT operations teams to implement remediation plans in response to incidents.

The Cyber Security Analyst (II) works closely with the Team Leader and with other analysts to investigate complex or advanced incidents proactively and identify threats, vulnerabilities, and exploits (threat analysis, threat hunting, intrusion analysis).

The ideal candidate will:

• Be passionate about cyber security, finding threats, identifying new detection techniques, and providing excellent client support and satisfaction.
• Enjoy the details of day-to-day tactical execution of threat hunting, intrusion analysis, and incident response.
• Be a self-driven, team-oriented, and highly motivated technology professional with appropriate experience in endpoint security analysis, network security monitoring (NSM), Security Incident and Event Management (SIEM) systems, next-generation security devices, forensics, and incident response.
• Possess deep technical knowledge and a sense of urgency, and be able to interact extensively with clients and partners using a confident tone and professional etiquette.
• Be able to see the big picture, understand evolving attacker behavior and motivations, participate in and manage multiple client-facing projects, and help to train/mentor other security consultants.
• Possess sound business acumen, strong consulting skills, and current technical skills, and be adept in leading multiple projects under tight deadlines.
• Take responsibility for customer satisfaction and the overall success of IR/MDR services.
• Be available, ready, and able to accept incoming work, respond in a timely manner to client requests and security events, and adhere to policies, procedures, and security best practices.
• Document actions and effectively communicate information internally and to customers.
• Develop improvements for operational playbooks, tools, detection capabilities, and workflows, and train and mentor fellow security engineers and security analysts.

Qualifications for Success

• Bachelor’s Degree (or equivalent experience) with 3 or more years of technical experience.
• Core Skills Required:
  o Network security monitoring.
  o Network traffic/packet analysis.
  o Log analysis (Firewall, VPN, Windows event logs).
  o Thorough understanding of enterprise security controls and best practices in a Microsoft Active Directory environment.
• Additional Related Skills:
  o Strong knowledge of Windows command line tools.
  o Experience with Windows disk and memory forensics.
  o Linux or OSX disk and memory forensics.
  o Cloud (AWS, Azure, M365) security controls, logs, tools, and forensics.
  o Experience with Python and/or PowerShell scripting environments and task automation.

Must be able to work in the US without sponsorship.