Security Operations Analyst L1

Our Client a Major Entertainment/Media firm located in Midtown Manhattan is seeking a Security Operations Analyst. This is a contract opportunity with no end date. This role is a hybrid opportunity, 4 days onsite. As a Security Analyst, you will play a crucial role in maintaining and enhancing our organization's cybersecurity posture. You will assist in the execution of various security initiatives and collaborate closely with cross-functional teams to implement effective security measures. A security analyst's primary duties will be to detect and respond to threats facing the Bank and continually improve our security posture.

Responsibilities

• Monitor and respond to security incidents and alerts
• Regularly audit and analyze user activity logs, privileged activities, file access, and email activity
• Recognize and respond to anomalous patterns of user and entity behavior
• Analyze anomalous traffic in cloud environments, validate threats, and determine remediation steps.
• Analyze email attributes such as headers and implement appropriate countermeasures.
• Analyze and assess security threats and vulnerabilities, recommending appropriate mitigating actions
• Continuously monitor networks for security breaches and other anomalous activities
• Maintain detailed records of security incidents, analyses, and mitigation actions taken
• Generate and present detailed reports on security incidents, trends, and responses for senior management
• Participate in process review, incident briefing, and incident response meetings
• Work closely with other GT&O staff to enhance system security and develop robust defense mechanisms
• Stay informed and updated with the latest security technologies, trends, and threat vectors to continuously improve the organization's security posture
• Knowledge of common tactics, techniques, and procedures (TTPs) used by cyber adversaries
  
  

Qualifications

• Bachelor's Degree required, with a preference for Cybersecurity
• 1 years of experience in an IT Security Operations role
• 1 year of experience with the Microsoft Defender Security Suite, including Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud
• Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and anti-virus software
• Strong understanding of identity management and Active Directory and Azure Active Directory
• Excellent analytical and problem-solving skills with the ability to think critically under pressure
• At least one entry-level cybersecurity certification:
• CompTIA CySA or Security
• GIAC Security Essentials (GSEC)
• Microsoft Certified Security Operations Analyst
• Knowledge of the MITRE ATT&CK framework, and basic concepts of threat hunting
• Proficiency with scripting languages
• Experience with offensive security tools
• Strong verbal, written, and interpersonal communication skills
• Highly organized, motivated, dedicated and a team player
• Availability to work during emergencies, and scheduled afterhours and weekends