Position Summary:
The Cyber Security Operations Center (CSOC) has an opening for a cyber security analyst with two primary areas of responsibility. The first is working as an analyst responding to security incidents and alerts; the second is working as a threat hunter.
Essential Responsibilities:
This position will be focused on administration, updates, maintenance and automation of existing security tools and infrastructure, as well as working incidents as needed.
Core Duties:
- Responding to security incidents
- Create additional alerts for threats
- Tuning of security solutions
- Detection, monitoring, analysis, escalation of security incidents
- Network scanning and vulnerability assessments
- Train others on primary areas
- Stay up-to-date on security news
- Analyze network traffic and intrusion alerts; discern false positives
Identify and respond to threats to meet or exceed defined SLAs. Escalate as needed. See incident through to resolution and document the event.
Searching the environment for potential insider or advanced persistent threats and rogue devices.
Create and maintain appropriate standard operating procedures for the CSOC, including business continuity plans.
Cross-train other CSOC team members/other teams on primary areas of responsibility.
Tuning of and responding to alerts generated or requests soliciting help from the CSOC.
Ensure operational readiness for any type of business continuity, disaster recovery or M&A event.
Work with CSOC and other teams to design, architect, consult and implement new security solutions and services.
Position Requirements:
Education:
B.S. in Information Security or similar preferred.
Security-related certifications a big plus: GCIH, GCFA, CEH, Security+, TCSE
Experience:
Minimum 2 years of hands-on IT experience in a system administration (Windows/Linux mix) role; 1 year of cybersecurity experience preferred.
Skills/Knowledge:
- Well versed in log analysis
- Familiar with common enterprise IT architectures
- IT administration experience
- Windows/Linux hardening
- Network ports and protocols
- Vulnerability assessment tools (Nessus, Nmap)
- Scripting for automation (Python, PowerShell, APIs)
- Strong troubleshooting, reasoning, problem solving
- Endpoint and network security tools/techniques
- Investigating antivirus or IDS alerts
- Demonstrated ability to write clear and concise technical documentation
- Ability to multi-task and change priorities with short notice
- High standard of professionalism and ethics
Equal Pay Act Statement: We aim to pay our ITTers fairly and competitively in the locations that they live and work. Pay-for-performance is a principle that we believe in, and employees are rewarded based not only on what they accomplish, but also on how they reflect ITT's values. ITT offers a competitive salary and robust total rewards package, such as health insurance, 401(k), short and long-term disability, paid time off, growth and developmental opportunities, and other incentive compensation programs. Specific benefits are dependent upon whether or not the position is part of a collective-bargaining agreement. The salary offered to a candidate is based on several factors such as candidate experience and qualifications, location, as well as market and business considerations. Equal Pay Act Range: Annual Salary Range $57,000 to $85,500 plus benefits and incentive plans.