JOBS: Security Analyst – Tier 2
Category: I.T. Jobs, Security Analyst
LOCATION: VAUGHAN, ONTARIO
Our client is looking for a self-motivated Security Analyst – Tier 2 who will perform information security event analysis and utilize vulnerability assessment software to support our clients. If you have experience working with TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis, then we want to hear from you!
Responsibilities:
* Perform in-depth investigation and analysis of traffic and alerts
* Investigate and perform in-depth analysis of exploits
* Provide network expertise to support timely and effective decision making of when to declare an incident
* Conduct proactive threat research
* Review security events that are populated in a Security Information and Event Management (SIEM) system
* Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
* Independently follow procedures to contain, analyze, and eradicate malicious activity
* Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
* Incident management, response, and reporting
* Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
* Track trends, statistics, and key figures for each assigned client
* Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
* Support reporting required on an as-needed basis
* Manage bi-weekly client support calls
* Modify use cases and manage trends
* Daily Shift change report
* Incident reports
* Security status reports
Skills, Experience & Qualifications:
* Customer-oriented, flexible and demonstrated tendency to go above and beyond
* Ability to communicate efficiently with clients and internal team members at all levels and across functional and organizational boundaries.
* Organizational skills and time management/prioritization.
* Comfortable working against deadlines in a fast-paced environment.
* 5 years of job-related experience
* SIEM Experience
* AlienVault/QRadar/LogRhythm/McAfee
* One or more of the following certifications: CISSP, GCIA, Security+, CEH
* Security Operations Center knowledge
* TCP/IP Networking
* Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, Fortigate, Sourcefire)
* Experience with Malware Analysis and Reverse Engineering
* Prior SOC experience (can include internships)
* Experience with packet analysis and packet capture tools
* Incident handling/response experience