
Information Security Analyst
CSG
full-time
Location Type: Remote
Location: Remote • 🇺🇸 United States
Salary
💰 $64,938 - $103,901 per year
Job Level
Junior, Mid-Level
Tech Stack
Cyber Security, DNS, SMTP, SQL, TCP/IP
About the role
- Support the implementation and administration of information security policies, practices, procedures, and technologies to ensure the protection of networks, systems, applications, and data.
- Monitor, respond to, and work to resolution alerts from security tools such as endpoint detection and response (EDR), email security, firewall, security information and event management (SIEM), IPS/IDS, application firewall, malware, change detection (FIM), user behavioral analytics, rogue wireless network alerts, and security system health monitoring.
- Participate in the organization's incident response plan and perform incident reporting on an as-needed basis.
- Experience in incident response, to include evidence collection and preservation, timelining activities, and conducting technical interviews.
- Collaborate with team members and assist in developing and implementing SOC IR strategies, along with refining and testing incident response playbooks and procedures.
- Stay updated on emerging cybersecurity threats and trends.
- Perform security engineering tasks as required to include alert tuning, system maintenance, determining and capturing key information feeds, etc.
- Participate in and fulfill requests from audit, compliance, and regulatory functions, including but not limited to Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience
- 2+ years of experience working extensively within security or highly technical IT fields
- Experience with various functions within the entire incident response life cycle including security system engineering, alert monitoring, triage, incident analysis (host and network forensics, malware analysis, etc.) and incident management
- Experience working with information security technologies, such as IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners
- Knowledge of TCP/IP: must be able to demonstrate technical understanding of all layers of the TCP/IP stack, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.; must be able to read and understand a packet trace; must be able to read and interpret network access control lists
- A clear understanding of a variety of network and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits
- Working knowledge of IT security, compliance, and regulatory requirements, such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), and state and Federal privacy laws
- Ability to read, write, speak and understand the English language in a business environment
Benefits
- Work from Home
- Employee Belonging Groups
- Healthcare: Dental, Medical, and Vision
- Paid Vacation, Volunteer, and Holiday Time Off
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
incident response, evidence collection, host forensics, network forensics, malware analysis, alert monitoring, triage, incident management, security system engineering, TCP/IP
Soft skills
collaboration, communication, problem-solving, analytical thinking, attention to detail
Certifications
Bachelor's degree in computer science, Bachelor's degree in Information Security