Our Client a Major Entertainment/Media firm located in Midtown Manhattan is seeking a Security Operations Analyst. This is a contract opportunity with no end date. This role is a hybrid opportunity, 4 days onsite. As a Security Analyst, you will play a crucial role in maintaining and enhancing our organization's cybersecurity posture. You will assist in the execution of various security initiatives and collaborate closely with cross-functional teams to implement effective security measures. A security analyst's primary duties will be to detect and respond to threats facing the Bank and continually improve our security posture. RESPONSIBILITIES
- Monitor and respond to security incidents and alerts
- Regularly audit and analyze user activity logs, privileged activities, file access, and email activity
- Recognize and respond to anomalous patterns of user and entity behavior
- Analyze anomalous traffic in cloud environments, validate threats, and determine remediation steps.
- Analyze email attributes such as headers and implement appropriate countermeasures.
- Analyze and assess security threats and vulnerabilities, recommending appropriate mitigating actions
- Continuously monitor networks for security breaches and other anomalous activities
- Maintain detailed records of security incidents, analyses, and mitigation actions taken
- Generate and present detailed reports on security incidents, trends, and responses for senior management
- Participate in process review, incident briefing, and incident response meetings
- Work closely with other GT&O staff to enhance system security and develop robust defense mechanisms
- Stay informed and updated with the latest security technologies, trends, and threat vectors to continuously improve the organization's security posture
- Knowledge of common tactics, techniques, and procedures (TTPs) used by cyber adversaries
QUALIFICATIONS
- Bachelor's Degree required, with a preference for Cybersecurity
- 1+ years of experience in an IT Security Operations role
- 1+ year of experience with the Microsoft Defender Security Suite, including Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud
- Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and anti-virus software
- Strong understanding of identity management and Active Directory and Azure Active Directory
- Excellent analytical and problem-solving skills with the ability to think critically under pressure
- At least one entry-level cybersecurity certification:
- CompTIA CySA+ or Security+
- GIAC Security Essentials (GSEC)
- Microsoft Certified Security Operations Analyst
- Knowledge of the MITRE ATT&CK framework, and basic concepts of threat hunting
- Proficiency with scripting languages
- Experience with offensive security tools
- Strong verbal, written, and interpersonal communication skills
- Highly organized, motivated, dedicated and a team player
- Availability to work during emergencies, and scheduled afterhours and weekends