Day1 Onsite // Information Security Analyst (Vulnerability, CISSP) Job at Talent Groups

Talent Groups San Francisco, CA

$120,000 - $140,000 a year

Day1 Onsite

Information Security Analyst (Vulnerability, CISSP)

Location: San Francisco, CA

Job Type: Full Time

Job Summary

Responsibilities

  • Lead and own incident response efforts and escalations; check and interpret data from multiple security platforms
  • Monitor and interpret data from a number of security monitoring platforms (e.g. IPS/IDS, Next-Gen Firewall, Anti-Virus, Vulnerability Scanner, etc.)
  • Research and analyse security event data to find potential security incidents using SIEM (Security Information and Event Management) technology
  • Perform log analysis and network forensics to support the incident response mission.
  • Execute incident response processes and procedures; document all incident analysis and response activity in a structured ticketing system; document, test and refine incident response processes and procedures; train NOC (Network Operations Center) support staff on security monitoring and response responsibilities
  • Generate shift-handoff documentation and facilitate knowledge transfer to oncoming analysts
  • Support information security engineering/architecture team
  • Monitor public security advisories and alerts for information related to threats and vulnerabilities
  • Research and analyse security event data to find potential security incidents using SIEM (Security Information and Event Management) technology (Splunk), EDR (Endpoint Detection and Response) (SentinelOne, Carbon Black), Email Security (Proofpoint), Phishing Simulation (KnowBe4) and Cloud Security (Azure and AWS (Amazon Web Services))
  • Perform threat hunting, security testing, validation and basic penetration testing, support information security engineering/architecture team
  • Provide support for incident response and vulnerability management efforts and drive efforts to improve and further build out the security monitoring tools
  • Maintain knowledge of current security trends and be able to clearly communicate them to the team.
  • Flexibility to work non-standard hours (Pacific Time), including evenings, nights and weekends depending on the individual’s defined shift.

Qualifications

Minimum qualifications

  • Bachelor’s degree in IS, Computer Science, MIS Management, or related field, or equivalent combination of education and experience needed.
  • 6-8 years working within Information Technology and 4-6 years specifically in a security operations or threat/vulnerability management role
  • Experienced in conducting security risk assessment and triaging SOC (Security Operations Center) incidents by using incident response best practices
  • Understanding of Cyber Kill Chain and MITRE ATT&CK frameworks
  • Manage deployments, network devices, node monitoring and troubleshooting of related issues.
  • Good understanding of TCP/IP, network, and security system device management
  • Strong LDAP and AD (Active Directory) experience and integration with security tools
  • Familiarity with diagnostic tools and analyzing data, log interpretation, and packet analysis
  • Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
  • Must have experience using and building SIEM technologies and creating, tuning and responding to detections and alerts
  • Demonstrated oral/written communication and client-facing skills

Preferred Experience / Certifications

  • CISSP (Certified Information Systems Security Professional), GSEC, GCIH (GIAC Certified Incident Handler), GCED, GCFA, GCFE, GMON certifications
  • Experience administering with Windows, UNIX, LINUX and IOS operating systems
  • Flexible to work in a 24x7 process
  • Excellent Communication and interpersonal Skills
  • Ability to work independently and prepare Dashboards and Reports
  • Experience of working independently & as a team player
  • Should have a proactive work approach and ability to think outside the box
  • Working knowledge of TCP/IP Networking (IP Addressing, DNS, Routing, Switching, Ports/Protocols)
  • Familiarity with security frameworks and compliance programs such as NIST (National Institute of Standards and Technology), ISO (International Organization for Standardization), HIPAA (Health Insurance Portability and Accountability Act), PCI (Payment Card Industry)
  • Experience with internal security assessments/reviews
  • Understanding of networking concepts and database technologies
  • Experience with application security concepts and methodologies
  • Hands-on experience with security technologies from the following preferred vendors: Splunk, Palo Alto Networks Firewalls, Proofpoint, Carbon Black
  • Experience with MDM (Mobile Device Management) solutions and SaaS/IaaS security

Job Type: Full-time

Pay: $120,000.00 - $140,000.00 per year

Compensation package:

  • Yearly pay

Schedule:

  • 8 hour shift
  • Monday to Friday

Work Location: In person
