Associate Security Analyst in Tampa, FL at SNI Technology

Date Posted: 8/19/2019

Job Description


SNI Technology is pleased to represent our client in their search for an Associate (Tier 2) Security Analyst for a permanent position in the greater Tampa Bay Area. The ideal candidate will possess a keen interest in security and the need for the confidentiality, integrity and availability of information and information systems to be maintained! This is a phenomenal opportunity to join one of Tampa's best Security as a Service providers. They offer competitive compensation, dynamic benefits and plenty of upward mobility!

Please note: This is a SOC environment and may require a flexible schedule; ideally we're looking for candidates who are open to working either 2nd or 3rd shift hours!

DUTIES AND RESPONSIBILITIES:

  • Respond to antivirus detections by performing scans, attempting remediation, and escalation as required.
  • Multitask and prioritize work based on associated risk.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Coordinate with enterprise-wide cyber defense staff to correlate threat assessment data and validate network alerts.
  • Create auditable evidence of security measures.
  • Document and escalate incidents (including event history, status and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Implement IP blocks in customer firewalls to reduce attack surface.
  • Examine network topologies to understand data flows through the network.
  • Identify network mapping and operating system (OS) fingerprinting activities.
  • Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Perform cyber defense trend analysis and reporting, including preparation of audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
  • Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Able to perform other duties as assigned.
EDUCATION AND WORK EXPERIENCE:

  • Bachelor's Degree and/or 3-5 years of experience in a SOC.
  • Professional certifications such as CompTIA Security+, Network+, Linux+, or SANS GIAC GSEC, GCIH, and/or equivalent professional experience or education preferred.
  • Strong knowledge of and hands-on experience with:
      • The OSI model.
      • Security tools and programming languages, including:
          • Wireshark/tcpdump
          • Security Management Systems (SMS)
          • Regular expressions/PowerShell
  • Experience with network investigations reviewing endpoint logs, network traffic logs, and security solutions.
  • Operating systems knowledge and systems administration skills for various versions of UNIX, Linux, and Windows, and the ability to read and understand Windows logs.
  • Strong knowledge of the various security solutions such as AV, IPS, IDS, SIEM, firewalls and proxies.
  • Comprehensive understanding of incident response handling procedures and break-the-chain exercises.
  • Information Security and Compliance industry standards and best practices.