Overview
As a Security Analyst in our CDC (Cyber Defense Center) Department, you will play a crucial role in safeguarding our organization’s digital assets. Your responsibilities will span various aspects of cybersecurity, including threat detection, incident response, and vulnerability management. You’ll collaborate with cross-functional teams to enhance our security posture and ensure compliance with industry standards.
Responsibilities
Security Monitoring
* Monitor security events and alerts using our SIEM (Security Information and Event Management) system.
* Investigate and analyze suspicious activities, anomalies, and potential threats.
* Collaborate with the incident response team to address security incidents promptly.
Security Incidents
* Respond to security incidents promptly and effectively.
* Coordinate incident handling, containment, eradication, and recovery efforts.
* Document incident details and lessons learned for continuous improvement.
Incident Response
* Develop and maintain incident response playbooks and procedures.
* Participate in tabletop exercises and real-time incident simulations.
* Work closely with other teams (network, IT-Security, system administrators, etc.) during incident resolution.
Threat Hunting / Purple Team
* Conduct proactive threat hunting exercises to identify potential vulnerabilities and attack vectors.
* Collaborate with the red team (offensive security) to simulate real-world attacks and assess our defenses.
* Provide actionable insights to improve our security controls based on purple team findings.
Vulnerability Management
* Regularly assess and prioritize vulnerabilities across our environment.
* Coordinate vulnerability scanning and patch management efforts.
* Ensure timely remediation of critical vulnerabilities.
Penetration Testing
* Collaborate with external penetration testers or conduct internal penetration tests.
* Identify vulnerabilities in our systems, applications, and network infrastructure.
* Provide actionable recommendations to remediate identified weaknesses.
KPI / Compliance Monitoring
* Define and track key performance indicators (KPIs) related to security operations.
* Monitor compliance with security policies, standards, and regulations.
* Generate reports and metrics for management and stakeholders.
Qualifications And Skills
* Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
* Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, etc.) are highly desirable.
* Strong analytical skills and attention to detail.
* Experience with security tools, such as EDR, vulnerability scanning, SOAR, mail security, SIEM platforms, vulnerability scanners, and penetration testing frameworks.
* Knowledge of industry standards (ISO 27001, NIST, CIS Controls, etc.)
#J-18808-Ljbffr