Pondurance

Security Analyst II

full-time

Location: United States, Virginia

Job Level

Junior, Mid-Level

Tech Stack

Cyber Security, Linux, Open Source, Unix

About the role

  • Support the 24/7/365 Security Operations Center (SOC) as Security Analyst II
  • Serve as the escalation point for Security Analysts (Tier 1) and provide backup when required
  • Answer incoming calls and internal and external emails
  • Monitor, detect, and respond to customer alerts from logs and network sources within EDR solutions
  • Review vulnerability reports and assessments
  • Analyze intrusions, detect incidents, and assist in response
  • Threat hunt for attacker presence on client networks and in logs
  • Identify attack vectors, threat tactics, and attacker techniques
  • Proactively engage with clients to understand security needs
  • Assist with reviews and provide reports on observed threats
  • Research new threats to enterprise environments
  • Assist Senior Security Analysts in hunt activities and intelligence actions
  • Work with team to resolve issues, improve processes, and develop work instructions
  • Analyze Indicators of Compromise (IOCs) and develop countermeasures
  • Shift work and holiday work as part of 24/7/365 SOC

Requirements

  • 1-2 years experience with Microsoft Defender, CrowdStrike, or SentinelOne (specific minimums listed)
  • Demonstrated experience with PCAP analysis using Wireshark
  • Familiarity with commercial or open source log or SIEM solutions
  • Event analysis, correlation, reporting and alerting
  • Reverse engineering malware and host-based analysis/detection
  • Service discovery tools such as Nmap and Shodan
  • Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
  • Experience with system or network administration (Unix/Linux experience preferred)
  • Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications
  • Endpoint Detection and Response (EDR) solution experience (for example FireEye, SentinelOne, CrowdStrike)
  • Prior experience working within a SOC or similar environment
  • Industry-recognized certifications related to cybersecurity or 2-year degree in computer technologies and industry-recognized certifications
  • 4-year degree in Computer Science or equivalent
  • Intermediate level log analysis and review skills
  • Beginner experience with vulnerability scanning tools and reporting
  • Intermediate email phishing detection/analysis experience
  • Experience working within ticketing systems
  • Ability to work shift work, holiday work, evening/night shifts
  • Must be authorized to work in the US (application form asks about US citizenship and authorization)