Pondurance · 7 hours ago

Security Analyst

United States

Full-time

Remote

Entry Level

1+ years exp

Maximize your interview chances

Cloud SecurityCompliance

Insider Connection @Pondurance

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Analyze intrusions, detect incidents, and assist in response

Seek out attacker presence on client’s networks and logs

Identify attack vectors, threat tactics and attacker techniques

Engage with clients to understand their security needs and wants

Regularly assist with reviews and provide reports on observed threats

Research new threats to enterprise environments

Analyze IOCs and work with the team to develop countermeasures

Collaborate with the team to resolve issues, tweak current processes, and revamp existing SOPs

Shift work and holiday work are required as part of a 24/7/365 SOC

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Microsoft DefenderCrowdStrikeSentinelOnePacket Capture (PCAP)WiresharkSIEM solutionsEvent analysisReverse engineering malwareNmapNessusNexposeQualysUnix/LinuxInformation securityIPv4/v6 networksNetwork devicesProxiesIDS/IPS toolsApplied Technical ThinkingCapacity for Synthesis

Required

MUST have a minimum of 1-2 years of experience with one or more of the following: Microsoft Defender, CrowdStrike, SentinelOne

Demonstrated experience with several of the following: Packet Capture (PCAP) analysis using Wireshark, Familiarity with commercial or open-source log or SIEM solutions, Event analysis, correlation, reporting, and alerting, Reverse engineering malware and host-based analysis/detection, Service discovery tools such as nmap, Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys

Experience with system or network administration (Unix/Linux experience preferred)

Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications

Effective in evaluating information for reliability, validity, and securing network communications

Analytical Thinking: Break down the fundamental components of a problem or situation, examine the relationship between them, verify all pertinent facts and draw an appropriate conclusion.

Applied Technical Thinking: Able to apply specialized, theoretical knowledge to efficient operational uses.

Capacity for Synthesis: Able to bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective.

Flexibility: Operate efficiently in constantly evolving environments and, when confronted with unforeseen circumstances, readjust priorities to accommodate change.

Problem Solving: Able to identify problems, determine cause and effect, and propose solutions using new approaches or an innovative point of view.

Sense of Urgency: Be prone to react quickly to outside demands, get onto things right away and get things done fast