Tag Archives: CEH


JOBS: Security Analyst – Tier 2

Category: I.T. Jobs, Security Analyst

LOCATION: VAUGHAN, ONTARIO

Our client is looking for a self-motivated Security Analyst – Tier 2 who will perform information security event analysis and utilize vulnerability assessment software to support our clients. If you have experience working with TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis, then we want to hear from you!

SIEM, TCP/IP Networking Analyst, Security Analyst, CISSP, GCIA, Security+, CEH

Responsibilities:

* Perform in-depth investigation and analysis of traffic and alerts

* Investigate and perform in-depth analysis of exploits

* Provide network expertise to support timely and effective decision making of when to declare an incident

* Conduct proactive threat research

* Review security events that are populated in a Security Information and Event Management (SIEM) system

* Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident

* Independently follow procedures to contain, analyze, and eradicate malicious activity

* Document all activities during an incident and provide leadership with status updates during the life cycle of the incident

* Incident management, response, and reporting

* Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client

* Track trends, statistics, and key figures for each assigned client

* Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions

* Support reporting required on an as-needed basis

* Manage bi-weekly client support calls

* Modify use cases and manage trends

* Daily Shift change report

* Incident reports

* Security status reports

Skills, Experience & Qualifications:

* Customer-oriented, flexible and demonstrated tendency to go above and beyond

* Ability to communicate efficiently with clients and internal team members at all levels and across functional and organizational boundaries.

* Organizational skills and time management/prioritization.

* Comfortable working against deadlines in a fast-paced environment.

* 5 years of job-related experience

* SIEM Experience

* AlienVault/Qradar/LogRhythm/McAfee

* One or more of the following certifications: CISSP, GCIA, Security+, CEH

* Security Operations Center knowledge

* TCP/IP Networking

* Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, Fortigate, Sourcefire)

* Experience with Malware Analysis and Reverse Engineering

* Prior SOC experience (can include internships)

* Experience with packet analysis and packet capture tools

* Incident handling/response experience
