Pondurance · 4 hours ago
Security Analyst II
Tags: Cloud Security, Compliance
Responsibilities
Review internal tickets and assign according to designed workflows
Analyze intrusions, detect incidents, and assist in response
Seek out attacker presence on clients' networks and logs through advanced threat hunting
Identify attack vectors, threat tactics and attacker techniques
Proactively engage with clients to understand their security needs and wants
Regularly assist with reviews and provide reports on observed threats
Research new threats to enterprise environments
Assist Senior Security Analysts as directed by leadership to participate in hunt activities and intelligence actions
Work with the team to resolve issues, tweak current processes, and develop/improve existing work instructions
Analyze Indicators of Compromise (IOCs) and work with the team to develop countermeasures
Create, update, and participate in crafting playbook responses and other Standard Operating Procedure (SOP) documentation
Qualification
Required
4-7 years of overall IT experience
Demonstrated experience with some of the following:
Packet Capture (PCAP) analysis using Wireshark
Familiarity with commercial or open source log or SIEM solutions
Event analysis, correlation, reporting and alerting
Reverse engineering malware and host-based analysis/detection
Service discovery tools such as nmap
Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
Experience with system or network administration (Unix/Linux experience preferred)
Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications
Endpoint Detection and Response (EDR) solution experience (for example FireEye, SentinelOne, CrowdStrike)
Industry-recognized cybersecurity certifications, or a 2-year degree in computer technologies plus industry-recognized certifications, or a 4-year degree in Computer Science or equivalent
Continuous professional growth within the cybersecurity/information technology field through certifications, degrees and/or CPEs
Intermediate level log analysis and review skills
Beginner experience with vulnerability scanning tools and reporting
Intermediate email phishing detection/analysis experience
Experience working within ticketing systems
Shift work and holiday work are required as part of a 24/7/365 SOC
Preferred
Unix/Linux experience preferred
Benefits
Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan.
Time off: PTO, sick, holiday, & parental leave details are available
We provide competitive compensation packages based on the market and your overall credentials.
Company
Pondurance
Pondurance is a cybersecurity company that focuses on delivering both technology-enabled and compliance-advisory solutions.
Funding
Current Stage: Growth Stage
Total Funding: unknown
Key Investors: Newlight Partners (Private Equity, 2020-10-27)
Company data provided by crunchbase