SanAntonioTXRecruiter Since 2001
the smart solution for San Antonio jobs

Tier 3 Security Analyst

Company: Computer World Services (CWS)Corporation
Location: San Antonio
Posted on: January 13, 2021

Job Description:

Job DescriptionAs a Security Operations Center (SOC) Tier 3 Analyst, you will be analyzing / monitoring network traffic and providing advanced IT Security Incident Response, prevention, forensics, and threat hunting for a global implementation of Microsoft UC (Skype for Business).Primary Duties and Responsibilities* Analysis and remediation of Security incidents escalated from the Tier 2 Security Operations Center (SOC) Analysts* Monitor security sensors and review logs to identify intrusions* Analyze and resolve high complexity technical and system problems* Review vulnerabilities and track resolution* Review and process threat intel reports* Create and deliver Security assessment and custom security incident reports* Develop custom filters to suppress false alerts and noise alerts* Proactively look for suspicious anomalous activity based on data alerts or data outputs from various toolsets and SIEM platform* Staying up to date with current vulnerabilities, attacks, and countermeasures* Provide continuous real-time network monitoring and conduct ongoing near real-time analysis and mitigation of IA/Cybersecurity Defense events on the UC environment to defend and protect against anomalous activity* Conduct formal incident reporting and document technical details and report to appropriate stakeholders* Develop and maintain the body of documentation that articulates SOC support tactics, techniques, and procedures* Maintain visibility of network defense threat conditions and emerging threats to the UC environment by monitoring external data sources* Participate in investigation and validation efforts related to network alerts with government cyber security elements* Analyze and correlate log files from a variety of sources within the UC environment to characterize anomalous activity* Participate in coordinating network defense and response activities of ongoing network compromises and/or attacks with the Army cyber security elements* Document the technical details using internal reporting database of suspected network incidents to support incident response and reporting requirements* Conduct impact assessments and provide situational awareness of network events and attacks by correlating data sources from the UC environment* Notify Customer and SOC Management Team, incident responders, and other team members of critical network incidents articulating the event's history, status, and potential impact* Lead Critical Cyber Incident Response efforts as a senior technical security team member* Collect and analyze network intrusion artifacts from a variety of data sources, including, system logs, network logs, system images and packet captures to guide mitigation efforts during confirmed network incidents within UC environment* Coordinate with intelligence analysts to correlate threat assessment data* Document and report incidents from initial detection through final resolution using standard DoD incident reporting channels and methods (refer to CJCSM 6510.01B, "Cyber Incident Handling Program," dated 10 Jul 2012 or later)* Provide remote incident handling support such as forensics collections, intrusion correlation tracking, threat analysis, and direct system remediation tasks to onsite personnel* Develop and publish incident response guidance and high-quality incident reports to appropriate stakeholders* Upon resolution of network incidents, create custom signatures or correlation rules to detect future incidents as well as make UC environment protection recommendations to enhance passive resistance to future attack* Maintain the computer network defense (CND) toolkit and provide appropriate readiness support to conduct cyber incident response* Responsible for working in a 24x7 Security Operation Center (SOC) environment* Provide analysis and trending of security log data from many heterogeneous security devices.* Provide Incident Response (IR) support when analysis confirms actionable incident.* Analyze and respond to previously undisclosed software and hardware vulnerabilities* Investigate, document, and report on information security issues and emerging trends.* Coordinate with Intel analysts on open source activities impacting SLTT governments.* This position requires the ability to work shifts on a 24*7*365 schedule, including on-call* Other duties as assigned or requiredRequired Skills, Experience, and Certifications* US Citizen with DoD Secret clearance or above* Information Assurance Technical (IAT) Level of II or above (CompTIA Security+), and obtain Computing Environment (CE) certifications, within 180 days of hire* 7+ years of related experience in a Security Operations Center capacity* Certified and/or trained in one or more of the Security tracks from vendors like Cisco, Splunk, Microsoft* Experience with manipulating large sets of data* Experience in two or more of the following technical domains: network/host-based intrusion analysis, malware analysis, forensics, or cyber threat intel* Capable of writing basic IDS signatures* Ability to deploy and maintain basic network security tools* Understand appropriate security architecture* Knowledge of advanced threat actors and complex attacks* Knowledge of TCP/IP and the underlying protocols* Ability to perform basic packet analysis* Understanding of NetFlow data* In-depth knowledge of practices and procedures of operating systems, operating system utilities and sub systems and/or network technologies* In-depth knowledge of log formats for syslog, http logs, DB logs and how to gather traceability back to event; knowledge of packet capture and analysis; experience with log management or security information management tools; experience with security assessment tools (NMAP, Nessus, Metasploit); ability to make information security risk determinations* Possess excellent writing skills and the ability to communicate to technical and executive level staff* Knowledge of regex and experience with one or more scripting languages like Python, Perl, Ruby etc.* Expertise with and the ability to consult on ITSM, ITIL, and Info Security Best Practices.* Candidates shall work on-site at one of the two AT&T NOC/SOCs located in Purcellville, VA or San Antonio, TXDesired Knowledge, Skills and AbilitiesSecurity ClearanceDoD Secret is required to start (Interim Secret is acceptable)Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)* Personnel may be required to travel to alternate work locations as well as customer sites.EOE AA M/F/Vet/DisabilityEEO is the Law: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf

Keywords: Computer World Services (CWS)Corporation, San Antonio , Tier 3 Security Analyst, Professions , San Antonio, Texas

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Professions Jobs


CDL-A Company Flatbed Driver Up to $1350/Wk and $4K Bonus!
Description: br br CDL-A Company Flatbed Driver Up to 1350/Wk and 4K Bonus br Here at E.W. Wylie, we believe our success begins with our drivers success. Our team of drivers go the extra mile because they (more...)
Company: E.W. Wylie Corporation
Location: Buda
Posted on: 01/17/2021

Owner Operator, Long Haul Driver
Description: br br br Proud to be a 100 Owner Operator Fleet br CDL-A Owner Operators and Fleet Owners Leasing to Ameri-Co Carriers is not just another job. Let us show you how your days with us with be (more...)
Company: Ameri-Co Carriers
Location: Buda
Posted on: 01/17/2021

Part-Time School Bus Driver
Description: br br Now Hiring Part-Time School Bus Drivers in Austin, TX At First Student, our Bus Drivers are an integral part of the communities they serve. They are committed to safety, customer service and (more...)
Company: First Student
Location: Austin
Posted on: 01/17/2021


CDL A OTR flatbed driver jobs out of Texas - 1 yr. experience
Description: br br Drivers who want to travel will see the country
Company: Hunt Transportation
Location: Austin
Posted on: 01/17/2021

Bulk Chemical Drivers Earn More
Description: br br br br Local, Regional, Dedicated and Long-haul br Liquid Bulk Chemical Drivers br br br Our top performing drivers average 1500 per week ul Earn Top Percentage Pay of Linehaul (more...)
Company: HENIFF Transportation Systems
Location: Austin
Posted on: 01/17/2021

Regional CDL A Truck Drivers - At Least $1,100/wk Guaranteed!
Description: br br br Regional CDL A Truck Drivers - At Least 1,100/wk Guaranteed Immediate Detention Pay that could add up to an extra 6,000/yr Apply Online or Call 608-400-4278 Today With Marten's Minimum (more...)
Company: Marten Transport
Location: Austin
Posted on: 01/17/2021

CDL Class A OTR Company Drivers Sign-On Bonus $1,000
Description: br br br CDL Class A OTR Company Drivers Sign-On Bonus 1,000 br Call 844 802-4392 Today br br Herrington Transportation, Inc is a growing trucking company that was founded in 2002. We (more...)
Company: Herrington Transportation
Location: Manor
Posted on: 01/17/2021

Class A CDL Owner Operators - Hopper Bottom Drivers 150K-200K Average Annual Pay
Description: br Hopper 1.52 loaded / 1.32 empty fsc on all miles br br Hopper 1.52 loaded / 1.32 empty fsc on all miles Pay is based on how much commodity you can haul. The lighter the truck the better (more...)
Company: OAKLEY TRUCKING
Location: Buda
Posted on: 01/17/2021

CDL A Truck Drivers
Description: Call Smith Today at 855 396-7493 br br New Alternative Home Bi-Weekly Fleet br br bull Home Time: Wednesday Thursday Ever Other Week bull .50
Company: Smith Transport, Inc.
Location: Yoakum
Posted on: 01/17/2021

Class A CDL Owner Operators - End Dump Drivers: 175K-200K Average Annual Pay
Description: br End Dump 1.72 loaded / 1.32 empty fsc on all miles br br br Owner Operators - End DumpsOakley s Owner Operators love End Dump freight s fast loading and unloading. AND the variety of challenges (more...)
Company: OAKLEY TRUCKING
Location: Buda
Posted on: 01/17/2021

Log In or Create An Account

Get the latest Texas jobs by following @recnetTX on Twitter!

San Antonio RSS job feeds