Role Summary:
All Senior Analysts are expected to handle customer-facing investigations, mentor and train fellow analysts, display leadership, and interact with customers and other teams by email or phone.
Requirements:
Solid understanding of core security technologies – Firewalls, IDS/IPS, SIEM, Endpoint protection, Network Topology
Experience performing forensic analysis of network logs and packets to identify compromise artifacts (3+ years)
Ability to identify actionable indicators of compromise based upon analysis of network forensic data
Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
Ability and desire to mentor junior analysts
Required Qualifications:
Minimum of three years of experience performing triage/incident response in enterprise environments
Ability to analyze captured data or logs to perform incident response and identify potential compromises to customer networks
Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
Experience analyzing both log and packet data in a SIEM (Netwitness, ArcSight, Splunk, etc.)
Strong understanding of incident response methodologies and reporting
Experience using ticketing systems for tracking (JIRA, Remedy, Zendesk, ServiceNow, etc.)
Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
Higher-level security certifications (CEH, CISSP, GCIH, GREM, GPEN, GNFA, OSCP)
A leadership background including orchestrating team efforts for problem solving
Ability to manage security projects to completion both individually and in a group
A strong ability to be an effective part of a cohesive team
Candidate must be reliable and able to function as part of a 24x7 operations center.