We are currently seeking experienced Tier 2 Cyber Security Operations Analysts to join our client's IT Cyber Security Operations Monitoring Team. The ideal candidates will be responsible for performing Tier 2 SOC follow-up and remediation activities on escalated incidents. As a Senior Analyst, you will demonstrate critical thinking skills and analytical aptitude while responding to a wide range of escalated incidents and ensuring their resolution through the incident lifecycle.

• Utilize Security Incident & Event Management (SIEM) system, particularly Splunk, to conduct correlated searches and analysis.
• Analyze and dissect network packets to validate threat signatures.
• Perform basic static forensic analysis of systems and files on endpoints.
• Analyze email attributes such as headers and implement appropriate countermeasures to enhance email defense.
• Analyze anomalous detected traffic in cloud environments based on defined attack policies, validate threats, determine remediation steps, and present findings.
• Recognize and respond to various anomalous patterns of user and entity activity to detect malicious intent using User & Entity Behavior Analytics (UEBA).
• Detect and respond to various types of code-based attacks on web applications.
• Analyze Data Loss Prevention (DLP) events and detect data exfiltration through covert channels.
• Document As-Is and To-Be playbooks for existing and future processes.
• Coordinate and facilitate meetings such as process reviews, requirements, and various status reports.

Qualifications, Experience & Education:

• Knowledge of enterprise networks & security infrastructure, communication and internet security systems, firewalls, intrusion protection systems, remote access VPN, proxy, wireless security, NAC, enterprise ID management systems, databases, computer systems, security event analysis, and forensic investigations.
• Organizational, decision-making, and communication skills.
• Strong team player with the ability to engage and promote a cohesive unit.
• Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or related discipline OR a satisfactory equivalent with 4-6 years of Information Technology experience.
• Additional Skills and Information: Security Event Monitoring, Network Event Monitoring, Email Header Analysis, Packet Capture Inspection, Malware Triage & Analysis, SIEM (Splunk) & TIP Experience.

• Health Insurance
• Sick Time
• 401k