Job Description
job summary:
Hybrid from South Mountain AZ office - T-Commute on Mondays and Fridays
Monday - Friday 8am-4pm
Client Security & Technology Operations organization is seeking an Information Cyber Security Analyst for the Security Operations Center. The selected candidate will participate in a 24x7x365 team that monitors, analyzes, and responds to information security related threats such as commodity malware, policy violations, and advanced persistent threats. Members of the SOC are also tasked with supporting the efforts of the Threat Intelligence, Risk Management, and Forensic teams. The successful candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, and contribute to the advancement of the team.
What you'll do:
- Work as part of a team of Information Security professionals supporting a global enterprise.
- Triage and respond to concurrent information security incidents reported via SIEM, ticketing system, email, etc...
- Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences.
- Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems.
- Automate manual processes via scripting.
- Perform raw data review in an effort to identify malicious activity for which signatures/content do not exist.
- Assist with the development of new content and tuning/filtering of existing content for SIEM, IDS, and other security technologies.
- Participate in documentation evergreen process to ensure accuracy of documentation critical to the team's success.
- Work with management to define/update standard operating procedures and response plans.
- Support efforts of Sr. Security Analysts, Team Lead, Technical Directors and/or Management during all phases of the Incident Response process.
location: Phoenix, Arizona
job type: Contract
salary: $45 - 50 per hour
work hours: 8am to 5pm
education: Bachelors
responsibilities:
What you'll do: - Work as part of a team of Information Security professionals supporting a global enterprise.
- Triage and respond to concurrent information security incidents reported via SIEM, ticketing system, email, etc...
- Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences.
- Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems.
- Automate manual processes via scripting.
- Perform raw data review in an effort to identify malicious activity for which signatures/content do not exist.
- Assist with the development of new content and tuning/filtering of existing content for SIEM, IDS, and other security technologies.
- Participate in documentation evergreen process to ensure accuracy of documentation critical to the team's success.
- Work with management to define/update standard operating procedures and response plans.
- Support efforts of Sr. Security Analysts, Team Lead, Technical Directors and/or Management during all phases of the Incident Response process.
qualifications:
What you have:
- Minimum of 2+ Security Experience Years of professional experience, or equivalent.
- Between 2-5 Years IT Experience Years of professional experience, or equivalent.
- Experience as an initial point of escalation for the Security Analyst I.
- Train, mentor, and oversight of the Security Analyst I.
- Thorough understanding of computer networking: TCP/IP, routing and protocols.
- CompTIA Network+ or equivalent knowledge/experience required.
- CompTIA Security+ or equivalent knowledge/experience required.
- Detailed knowledge of packet structure and previous experience performing in-depth packet analysis required.
- Thorough understanding of information security best practices and technologies.
- Detailed knowledge regarding the administration, use, securing and exploitation of common operating systems.
- Prior experience analyzing log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems required.
- Robust proficiency with Windows and Unix/Linux command line.
- In-depth knowledge of obfuscation techniques used to encode/encrypt malicious traffic/data.
- Familiarity with a standardized incident response framework (SANS/NIST).
- Research and analytical background and an analytical approach; especially with respect to event classification, event correlation, and root cause analysis.
- Scripting experience with Python, Perl, SQL, and/or PowerShell highly preferred.
- Must be able to react quickly, decisively, and deliberately in high stress situations.
- High level of ethics and core values.
- A Robust passion for learning.
- Robust verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers.
- Willingness to participate in shift work.
- Self-disciplined to ensure completion of shift work with little supervision. Highly motivated individual with the ability to self-start, prioritize, and multi-task.
Preferred but not required.
- Associates or BS in Computer Science or equivalent experience.
- SANS GCIH, GCIA, or equivalent industry recognized certifications
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).
This posting is open for thirty (30) days.
Job Tags
Hourly pay, Contract work, Temporary work, Work experience placement, Work at office, Monday to Friday, Shift work