IT Cyber Defense Analyst responsible for triaging security incidents, identifying enhancements to rule sets, and coordinating with business units to prioritize vulnerability remediation. Experience in Security Operations Center (SOC), Cyber Security, and Information Security required.
Requirements
- 2-4 years of experience in Security Operations Center (SOC), Cyber Security, and Information Security within an enterprise environment.
- Experience with Windows and Linux server and application hardening processes.
- Experience supporting one or more information security technologies.
- Mandatory experience in Azure, EDR, XDR (CrowdStrike, Windows Defender), SOAR, SIEM tools (e.g., Splunk, Rapid7, ArcSight, McAfee Nitro), Palo Alto, Cisco, and one of the following: IDS/IPS, database activity monitoring, multi-factor authentication, web content filtering, encryption and encryption key management, DLP, or change detection.
- Working knowledge of the TCP/IP stack and familiarity with common protocols (e.g., HTTP, FTP, SMTP, DNS).
- Familiarity with network and application threats such as DoS/DDoS, SQL injection, XSS, reconnaissance scanning, and methods to avoid detection.
- Working knowledge of compliance and regulatory requirements, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Healthcare Information Privacy Protection Act (HIPAA).
- Experience with vulnerability scanning tools such as Nessus, Acunetix, Qualys, or Metasploit is a plus.
- Scripting experience with Bash, PowerShell, or Python, and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts.
- Familiarity with the MITRE ATT&CK Framework and/or the Cyber Kill Chain.
- InfoSec certifications such as CISSP, CompTIA Security+, GIAC Security Essentials, and CEH are a plus.
- Strong oral and written communication skills, and strong interpersonal and leadership skills.
