Tier 3 Security Analyst
Company: Computer World Services (CWS) Corporation
Location: San Antonio
Posted on: January 13, 2021
Job Description:
As a Security Operations Center (SOC) Tier 3 Analyst, you will be analyzing / monitoring network traffic and providing advanced IT Security Incident Response, prevention, forensics, and threat hunting for a global implementation of Microsoft UC (Skype for Business).

Primary Duties and Responsibilities:
* Analysis and remediation of security incidents escalated from the Tier 2 Security Operations Center (SOC) Analysts
* Monitor security sensors and review logs to identify intrusions
* Analyze and resolve high complexity technical and system problems
* Review vulnerabilities and track resolution
* Review and process threat intel reports
* Create and deliver security assessment and custom security incident reports
* Develop custom filters to suppress false alerts and noise alerts
* Proactively look for suspicious anomalous activity based on data alerts or data outputs from various toolsets and the SIEM platform
* Stay up to date with current vulnerabilities, attacks, and countermeasures
* Provide continuous real-time network monitoring and conduct ongoing near real-time analysis and mitigation of IA/Cybersecurity Defense events on the UC environment to defend and protect against anomalous activity
* Conduct formal incident reporting, document technical details, and report to appropriate stakeholders
* Develop and maintain the body of documentation that articulates SOC support tactics, techniques, and procedures
* Maintain visibility of network defense threat conditions and emerging threats to the UC environment by monitoring external data sources
* Participate in investigation and validation efforts related to network alerts with government cyber security elements
* Analyze and correlate log files from a variety of sources within the UC environment to characterize anomalous activity
* Participate in coordinating network defense and response activities for ongoing network compromises and/or attacks with the Army cyber security elements
* Document the technical details of suspected network incidents in the internal reporting database to support incident response and reporting requirements
* Conduct impact assessments and provide situational awareness of network events and attacks by correlating data sources from the UC environment
* Notify the Customer and SOC Management Team, incident responders, and other team members of critical network incidents, articulating the event's history, status, and potential impact
* Lead Critical Cyber Incident Response efforts as a senior technical security team member
* Collect and analyze network intrusion artifacts from a variety of data sources, including system logs, network logs, system images and packet captures, to guide mitigation efforts during confirmed network incidents within the UC environment
* Coordinate with intelligence analysts to correlate threat assessment data
* Document and report incidents from initial detection through final resolution using standard DoD incident reporting channels and methods (refer to CJCSM 6510.01B, "Cyber Incident Handling Program," dated 10 Jul 2012 or later)
* Provide remote incident handling support such as forensics collections, intrusion correlation tracking, threat analysis, and direct system remediation tasks to onsite personnel
* Develop and publish incident response guidance and high-quality incident reports to appropriate stakeholders
* Upon resolution of network incidents, create custom signatures or correlation rules to detect future incidents, and make UC environment protection recommendations to enhance passive resistance to future attack
* Maintain the computer network defense (CND) toolkit and provide appropriate readiness support to conduct cyber incident response
* Responsible for working in a 24x7 Security Operation Center (SOC) environment
* Provide analysis and trending of security log data from many heterogeneous security devices
* Provide Incident Response (IR) support when analysis confirms an actionable incident
* Analyze and respond to previously undisclosed software and hardware vulnerabilities
* Investigate, document, and report on information security issues and emerging trends
* Coordinate with Intel analysts on open source activities impacting SLTT governments
* This position requires the ability to work shifts on a 24*7*365 schedule, including on-call
* Other duties as assigned or required

Required Skills, Experience, and Certifications:
* US Citizen with DoD Secret clearance or above
* Information Assurance Technical (IAT) Level II or above (CompTIA Security+), and obtain Computing Environment (CE) certifications within 180 days of hire
* 7+ years of related experience in a Security Operations Center capacity
* Certified and/or trained in one or more of the security tracks from vendors like Cisco, Splunk, Microsoft
* Experience with manipulating large sets of data
* Experience in two or more of the following technical domains: network/host-based intrusion analysis, malware analysis, forensics, or cyber threat intel
* Capable of writing basic IDS signatures
* Ability to deploy and maintain basic network security tools
* Understand appropriate security architecture
* Knowledge of advanced threat actors and complex attacks
* Knowledge of TCP/IP and the underlying protocols
* Ability to perform basic packet analysis
* Understanding of NetFlow data
* In-depth knowledge of practices and procedures of operating systems, operating system utilities and subsystems and/or network technologies
* In-depth knowledge of log formats for syslog, HTTP logs, DB logs and how to gather traceability back to the event; knowledge of packet capture and analysis; experience with log management or security information management tools; experience with security assessment tools (NMAP, Nessus, Metasploit); ability to make information security risk determinations
* Possess excellent writing skills and the ability to communicate to technical and executive level staff
* Knowledge of regex and experience with one or more scripting languages like Python, Perl, Ruby etc.
* Expertise with and the ability to consult on ITSM, ITIL, and Info Security Best Practices
* Candidates shall work on-site at one of the two AT&T NOC/SOCs located in Purcellville, VA or San Antonio, TX

Desired Knowledge, Skills and Abilities:

Security Clearance:
DoD Secret is required to start (Interim Secret is acceptable)

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.):
* Personnel may be required to travel to alternate work locations as well as customer sites.

EOE AA M/F/Vet/Disability
EEO is the Law: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf