Senior Security Analyst
Ref No.: 18-00738
Location: Purchase, New York
Position Type: Right to Hire
Experience Level: 5 Years
Start Date / End Date: 10/29/2018 to 05/03/2019
The client is seeking a Senior Security Analyst to join our Information Technology team at the Purchase, NY; Florham Park, NJ; or Charlotte, NC location.

The Senior Analyst is responsible for Incident Response, Log Analysis/Correlation, Threat Mitigation, and Security Control Implementation. The analyst will respond to complex security incidents starting with either a system-generated alert or a user-reported suspicious activity. When not actively handling incidents, this role will help improve the security of our computing environment by collaborating with application and infrastructure teams or improving our set of internal security tools and processes.

Main areas of responsibility:
  • Investigate security incidents, develop and implement a response to neutralize the threat. Work with other IT disciplines including the networking, server, database, and application support teams to resolve security issues.
  • Design new controls and procedures to prevent future occurrences of common threats. Work with other IT disciplines to implement.
  • Exchange threat data with the client's other companies, ISACs, and regulatory/law enforcement agencies as required.
  • Implement and manage security tools:
    • Configure and tune data sources (vendor-provided/third-party/open-source), rules, and alerts
    • Identify visibility gaps and develop options to address them
    • Provide security guidance and implementation support for vulnerability management: work with other IT disciplines to develop a technical mitigation
    • Secure deployment: formulate firewall, IPS, and other rules based on vendor-provided requirements.
    • Public key cryptography: ensure that certificates and keypairs are being used appropriately in devices, applications, etc.
    • Ongoing system hardening: maintain awareness of new security capabilities in our platforms and contribute to the design and implementation. Identify new tactics, techniques, and procedures that threaten our existing controls.


Desired Skills & Experience:

The ideal candidate will possess an understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business. He/she will react quickly, decisively, and deliberately in high-stress, high-impact situations and collaborate with others to understand and provide guidance surrounding these circumstances. The Senior Security Analyst will also have strong decision-making skills and the ability to implement and measure processes to show effectiveness and consistency.

Minimum Qualifications:
    • SOC/CIRT incident handling protocols and SIEM tools
    • Windows authentication and internals; Kerberos, LDAP, groups, ACLs, and GPOs
    • Public key infrastructure and cryptographic fundamentals
    • Discovery/reconnaissance/OSINT tools; e.g. nmap, BloodHound, shodan.io, etc.
    • Hands-on experience with IDS/IPS, web filtering, and EDR solutions (Carbon Black), specifically with the creation of access and logging rules
    • Online sources for reliable analysis of emerging threats


Preferred Qualifications:
    • Scripting with PowerShell and Python
    • Integration with services via REST and JSON APIs
    • Pattern matching using regular expressions (YARA, Snort, or similar)
    • SAML, OAuth, and other web authentication mechanisms
    • SQL Server security and activity monitoring
    • Vulnerability scanning, both tools and workflows for operating systems, web applications, etc.
    • Cyber Kill Chain, MITRE ATT&CK, or other frameworks
    • Experience in penetration testing
    • SANS GCFA, GCED, GMON, or Splunk certification
    • BS or MA in Computer Science, Information Security, or a related field

This is a right to hire opportunity after a specified consulting engagement. As such, the client company offers a competitive compensation and benefits package commensurate with experience.