Information Security Specialist III
TPA's Farmers Branch-based client is looking for a Security Analyst. The client's Security Operations team is responsible for detecting and responding to cyber threats targeting their systems, applications, infrastructure, information, and users. The Information Security Analyst is a highly technical role responsible for developing, maintaining, and automating the threat monitoring capabilities used by the Security Operations Center (SOC) team across various environments. The ideal candidate will have strong, current experience with SIEM technologies.
This position is responsible for:
• Driving log ingestion and common information models (normalized field naming) for log sources across the enterprise.
• Providing subject matter expertise on advanced threat analysis against large data sets.
• Developing integrations with orchestration tools and cloud environments.
• Developing and maturing the active threat monitoring and response use case portfolio.
• Designing and implementing dashboards and data visualizations for various stakeholders.
• Developing and implementing KPI and metric reporting related to threat analysis.
• Maintaining current knowledge of emerging cyber security threats.
• Developing, implementing, and improving internal tools for security automation.
• Participating in evaluating, recommending, implementing, and troubleshooting security tools.
• Maintaining a high level of confidentiality.
Required skills and experience:
• 5-8 years of experience in cloud security, data analysis, and configuration of security monitoring platforms.
• Strong experience with security logging and monitoring.
• Experience implementing security monitoring and response capabilities on cloud platforms (Amazon Web Services, Microsoft Azure).
• Strong understanding of threat analysis and incident response practices and methodologies.
• Expert technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, and packet inspection.
• Experience with endpoint security analysis on Windows, Mac, and Linux host event data and related tools.
• Experience with security behavioral analytics platforms used for user and entity behavior analytics (UEBA) and anomaly detection.
• Strong analytical skills and ability to identify advanced threats.
• Ability to interact effectively at all levels of an organization and across diverse cultural and linguistic barriers.
• Ability to work effectively as part of a team and independently with minimal supervision.
• Availability outside working hours for high priority events.
• Strong written and verbal communication skills.
• Ability to prioritize projects and deliverables.
• Bachelor’s degree or equivalent experience.
• Certifications such as GIAC certifications (e.g., GCIH), CISSP, or Splunk Certified Admin.
• Scripting and query skills such as Python, Perl, Shell/Bash, regular expressions, and Splunk Search Processing Language (SPL).