IT Security Analyst (Remote)

  • Location: Lake Wisconsin, 29201
  • Job Type: Contract

Posted about 2 months ago

Position: IT Security Analyst (Remote)
Location: South Carolina - Remote
Term: 5 months
 
Day-to-Day Responsibilities:
  • Serve as escalation point in the SOC.
  • Proactively drive hunting and analysis on behalf of multiple clients.
  • Leverage internal and external resources and threat intelligence feeds to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.
  • Lead incident response in the SOC.
  • Investigate novel and complex threats, then develop knowledge, playbooks, and automation.
  • Develop new use cases and playbooks/SOPs, as well as automation for recurring incidents and incident tasks.
  • Improve DFIR processes and procedures to reduce false positive alerts.
  • Collaborate with technical and business SMEs to identify gaps to enhance security monitoring.
  • Maintain Industry Training – This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques.
  • Maintain Knowledge of Current Threats – Keep up-to-date on current threats by regularly reading industry-related articles.
  • Enhance SOC with advanced skill sets such as SOC automation and orchestration to optimize SOC resource allocation.
  • Case Management – ensuring the case management process is handled efficiently in a timely manner by all SOC personnel.
  • SOC Activity Log – creating, reviewing, and maintaining entries, working with other analysts.
  • Report Creation – creating temporary or permanent reports for customers, as requested.
  • Customer Meetings – attending and/or leading customer meetings as part of incident response and incident handling.
  • Training and Mentoring SOC personnel – Security Analysts are responsible for training new SOC employees; also responsible for training and mentoring existing SOC personnel on new technologies implemented by CenturyLink; also responsible for retraining SOC personnel, if necessary.
  • Tuning – regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered.
  • System Maintenance – assisting SOC Engineers with maintenance on security devices, as needed.
  • Projects - May lead moderately complex security projects as assigned.
  • Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture.
  • Gain and maintain knowledge of Customer’s business and technical environment.
  • Communicate incidents at an appropriate level of detail to all levels of the organization.

Shift Responsibilities:
  • The Security Analyst is responsible for the following shift duties:
o Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
o Report Run Verification – ensure customer reports run as scheduled.
o Improve their knowledge of the customer environment, intrusion detection methodologies, and intrusion detection services with the support of ongoing training from the analysts and self-study.
o Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents.
o Handle Tier 2 event incident response, case management, and customer notification.
o Ensure security devices contain up-to-date signature libraries.
o Assist with engineering tasks as necessary.
o Train SOC Level 1 Analysts on new attack signatures and attack methodologies.
o Provide process and operational improvement suggestions.
o Review and update documentation (such as SOPs and TTPs).
o Complete vendor training as requested by Management.
o Daily Case Management – the Security Analyst will review open cases and provide follow up that may be required.
 
Is this a good fit? (Requirements):
  • Bachelor’s Degree in Computer Information Systems or related field.
  • Must be U.S. citizen.
  • 5+ years of Information Security experience.
  • 2-3 years of Managed Security Service Provider (MSSP) experience.
  • 3-4 years of senior SOC analyst experience.
  • 3+ years coding and scripting experience in Python, Linux shell scripting or Windows PowerShell scripting etc.
  • 2-4 years of systems analysis.
  • Threat Intelligence or Forensic background.
  • Expert-level experience with Splunk.
  • Strong understanding of security principles such as attack frameworks, threat landscapes, attacker TTPs, etc.
  • Working experience with integration of different security systems and devices.
  • Working experience and knowledge of SOAR platforms and solutions.
  • Working knowledge of Linux and syslog from CLI.
  • Proven ability and past experience performing moderately complex security analysis for information technology.
  • Excellent writing and communications skills.
  • Familiarity with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others).
  • Ability to work in a dynamic team-centered environment.

Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.

About Us

At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re consistently in the top 25 of all U.S. IT staffing firms and why our consultants rate us well above the industry average, earning us ClearlyRated's Best of Staffing awards year after year. People come to us for a job, and stay with us because of our top-notch consultant care.

MATRIX is an Equal Employment Opportunity employer, including disability and veteran status, and provides reasonable accommodations for all qualified individuals. Supporting medical or religious documentation will be required where applicable. If you are a qualified individual, you may request a reasonable accommodation under the Americans with Disabilities Act (ADA). If you are a person with a disability needing assistance applying, or at any point in the hiring process, please email us at MATRIX_HR@MatrixRes.com. To ensure a quick response to your request, please use the words “Accommodation request” as the subject line of your email.