IT Security Analyst
Our direct client, located in Westchester County, NY, has an exciting new opportunity for an IT Security Analyst to join its growing Security team. Candidates should have at least 3-5 years of IT security experience with vulnerability scanning and penetration testing. Candidates should have excellent communication skills and enjoy working in a highly collaborative environment.
Major Job Accountabilities:
• Investigating security alerts.
• Research, extraction, and dissemination of open source intelligence (OSINT) on threat actors targeting the aviation industry.
• Performing threat analysis and threat hunting and advanced analytic activities.
• Submitting observed threat information to information sharing networks including US-CERT and the Aviation ISAC.
• Reviewing security and threat intelligence bulletins from open and closed sources.
• Importing threat indicators into monitoring systems.
• Conducting vulnerability scanning and reporting results.
• Maintenance of vulnerability scanning tools.
• Conducting simulated phishing campaigns.
• Documentation of methods and procedures.
• Perform penetration testing on applications and infrastructure and recommend action plans.
• Review patch releases from vendors including Microsoft, assess risk, and recommend actions for patch bulletins. Work with operations groups to orchestrate patch deployments.
• Monitor security alerts from ArcSight SIEM across a 3500+ user WAN for potential intrusions and policy breaches.
• Assist with the development, implementation, and tuning of monitoring use cases as needed upon emergence of new applications, threats, and policies.
• Develop signatures and rules for detecting and blocking threats.
• Support the incident response process by providing advanced analysis services when requested including recommendation of containment and remediation processes, independent analysis of security events, and reporting of identified incidents.
• Maintain incident response documentation.
• Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.
• Provide off-hour support as required.
• The qualified candidate must have at least 5 years’ experience working with IT security monitoring and vulnerability management.
• Experience preparing and/or presenting reports and briefings is required.
• Must be able to obtain and maintain a US Government security clearance.
• Understanding of common vulnerabilities and exploits is required.
• Knowledge of the cyber threat landscape including types of adversaries and the motivations that drive them is required.
• Proficiency in both Windows and Linux is required.
• Experience analyzing security events and differentiating between incidents and non-incidents is required.
• Experience in configuring and operating vulnerability scanning tools such as Nessus, Qualys, Nexpose, etc. is required.
• Penetration testing experience strongly desired.
• Experience in SIEM technologies such as ArcSight, Splunk, QRadar is desired.
• Experience with threat hunting and cyber intelligence is desired.
• Experience with malware analysis and reversing is desired.
• Strong understanding of the TCP/IP protocol suite, the OSI model, network services such as DHCP and DNS, and layer 2 and 3 networking technology and protocols is desired.
• B.S. Degree in Computer Science or related field and/or 5 to 7 years related experience.
• Excellent oral and written communication skills.
• Must be self-motivated and able to work both independently and as part of a team.
• CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GREM, GPEN) or similar certification strongly desired.