We are looking for a Sr. Security Analyst to join our client's growing IT organization, which is expanding into Azure cloud technology. The ideal candidate will have 5-7 years of hands-on security experience, including advanced Active Directory security functions.
Duration: 6-month contract, likely extension, possible contract-to-hire
Location: Cary, NC - partial onsite requirement, 2-3 days per week. **Local Candidates Only**
Key Skills: Active Directory Security, Endpoint Detection, Cisco, Azure, Okta
The Senior Security Analyst is responsible for monitoring and detecting threats and cybersecurity attacks. The Senior Security Analyst works independently at times, and at other times with other members of the Security Team, to analyze system and security events, threat and vulnerability advisories, and cyber threat intelligence in order to identify malicious activity and potential attacks, and to alert clients so they can prevent or respond to incidents.
Daily work includes monitoring network and system security events, conducting threat hunting through event data and activity logs, developing alarms for suspicious or malicious activity, escalating alerts to clients, and preparing reports that summarize detected activity. The Senior Security Analyst executes, and helps to create, operational processes for consistent monitoring of client environments and should be familiar with a variety of security tools and technologies.
Monitor security events and escalate verified alerts according to procedures to activate incident response processes.
Conduct analysis of network traffic and of computer system discovery (asset and network scanning) applications.
Assist in preparing deliverables, including reports, briefing presentations, and recommendations, to communicate security information, event summaries, vulnerabilities, and threats to clients on a routine and periodic basis, distilling technical concepts into clear, actionable information.
Perform threat hunting activities in client networks through proactive analysis of log, network and system data to identify undetected threats.
Provide sound technical recommendations that enable remediation of security issues.
Identify and incorporate applicable indicators of compromise (IOCs) into network security tools.
Develop and refine SIEM correlation rules.
Utilize advanced threat models, SIEM use cases, and incident response playbooks.
Manage and safely utilize vulnerability scanning tools and interpret and prioritize results.
Essential Technical Experience, Knowledge, and Skills:
Knowledgeable in network traffic analysis, threat detection, and advanced threat tactics, techniques and procedures (TTPs).
Knowledgeable of network and security architecture principles, firewall and IDS/IPS fundamentals, endpoint security systems and other security protective/detective systems.
Experience in cybersecurity event analysis, intrusion detection, security operations, and cloud computing.
Additional Background and Experience:
Possess an industry certification such as CISSP, CCNP, GCIH, GMON, GCIA, OSCP, CEH, CompTIA Network+, Security+, or another recognized credential.
Preferred Skills and Qualifications:
Computer Science or related 4-year degree.
Security Tools (experience with or exposure to some of these will be helpful):
Cisco Security Suite: Firepower, ASA, AMP, Orbital, Umbrella, Stealthwatch
Microsoft Cloud App Security
Azure (all services)
Office 365 (all services)