HYBRID Position : Information Security Analyst in Rockville, MD (Local to MD)

Information Security Analyst

Rockville, MD (Local to MD)

Face to Face Interviews

12 Months

Key Responsibilities

• Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows, Linux, and Unix), and databases
• Separate true threats from false positives using network and log analysis and escalate possible intrusions and attacks
• Initiate tickets, document, and escalate to leadership
• Maintain a strong awareness of the current threat landscape
• Track and document cyber defense incidents from initial detection through final resolution.
• Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).

• Gather and analyze information for defining requirements, specifications and issues to support the development of new policies, standards and procedures or update existing ones.
• Work with a team of diverse individuals and cross-functional teams to solve unique and complex problems with broad impact on the business.
• Provide clear updates to management on security incidents; Investigate, document, and report on forensic investigations
• Able to exercise discretion and maintain confidentiality
• Proficient in reporting and answering analytical questions using vulnerability data

Basic Qualifications

• Excellent teamwork skills
• Knowledge of and experience with intrusion detection/prevention systems and SIEM software
• Strong knowledge and understanding of network protocols and devices.
• Strong experience with Mac OS, Windows, and Unix systems.
• Ability to analyze event logs and recognize signs of cyber intrusions/attacks
• Ability to handle high pressure situations in a productive and professional manner.
• Strong written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
• Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
• Ability to provide tuning recommendations for security tools to tool administrators.

Strong knowledge of the following:

• SIEM
• Packet Analysis
• SSL Decryption
• Malware Detection
• EDR
• Network Monitoring Tools
• Email Security
• Data Loss Prevention
• Anti-Virus

Preferred Qualifications

• Experience with security frameworks (i.e., Mitre Attack, Cyber Kill Chain, etc.)
• Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, or related areas
• 2-4 years of hands-on SOC/TOC/NOC experience
• GCIA, GCIH, GCFE, CISSP, Security , Network , CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred
• Understanding of programming/scripting languages and ability to run basic database queries

Education

• Minimum bachelor s degree in Information Security, Computer Science, or another IT-related field. Exceptional candidates with proven experience in security/network operations will also be considered.