Allegis Group - Chicago, IL

posted 10 days ago

Full-time - Mid Level
Chicago, IL
10,001+ employees
Administrative and Support Services

About the position

The AWS Cyber Security Intrusion Analyst will be a key member of an enterprise network application layer intrusion detection, prevention, and response team. This role uses advanced investigative skills to analyze security events, develop custom alerts, and implement effective controls that protect the bank's network-facing assets. The analyst will work closely with other teams to triage security events, mentor junior team members, and contribute to the operationalization of cloud security in AWS and Azure environments.

Responsibilities

  • Function as a member of an enterprise network application layer intrusion detection, prevention, and response team.
  • Develop and implement custom alerts, dashboards, and monitoring controls based on OSI layer 7 attack and threat indicators.
  • Provide leadership in assessing new threat vectors and designing and implementing effective controls.
  • Leverage advanced investigative skills using best-in-class data correlation and network/packet analysis tools.
  • Partner with leaders from lines of business organizations to triage security events, contain security breaches, and provide updates to leadership.
  • Mentor and develop the skill sets of less experienced team members.
  • Develop and implement processes or controls in support of audit and risk requirements.
  • Collect evidence and craft responses for both internal audit requests and external regulatory agencies.
  • Act as a subject matter expert on security policies and help craft guidelines for them.

Requirements

  • Strong Splunk skill set with experience analyzing logs and security events.
  • Experience in intrusion analysis and interpreting web and application logs.
  • Knowledge of current exploits and experience identifying them from web and event logs.
  • 1-2 years of experience implementing and monitoring security alerting in AWS (IDS/WAF/GuardDuty/CloudWatch/CloudTrail/Shield).
  • Experience in threat intelligence to update or build new controls against threats.

Nice-to-haves

  • Comfortable with scripting languages and regular expressions.
  • Experience with Terraform for deploying infrastructure as code.
  • Strong knowledge of common network protocols.
  • Working knowledge of enterprise Client/Server architecture.
  • Experience with Linux, Windows, and mobile operating systems.
  • Experience doing packet captures and interpreting them using tools like Wireshark.
  • Understanding of stateful firewalls and ability to interpret firewall rules and logs.
  • Familiarity with web application attacks including SQL injection and cross-site scripting.
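The requirements above ask for identifying current exploits, including SQL injection and cross-site scripting, from web and event logs and turning those indicators into custom alerts. As an added example that is not part of the posting, the following Python detector parses constructed Combined Log Format lines, decodes the request path twice so double-encoded payloads are seen, matches heuristic layer-7 indicators, raises severity when an injection attempt coincides with a server error, and rolls up repeat offenders the way an alert threshold would. The log format, sample lines, indicator patterns and function names are all assumptions made for this illustration.

```python
"""Flag OSI layer-7 attack indicators (SQL injection, XSS) in web server access logs.

Added illustration: the log format, sample lines and indicator patterns are
constructed for this example and are not taken from any product or from the posting.
"""
import re
from collections import Counter
from urllib.parse import unquote_plus

# Combined Log Format as written by Apache httpd / nginx (assumed; ALB or CloudFront logs differ).
LOG_RE = re.compile(
    r'(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Heuristic indicators, matched against the decoded request path. The names become
# alert fields so a dashboard can break counts down by technique.
INDICATORS = {
    "sqli_tautology": re.compile(r"'\s*(?:or|and)\s+'?\w+'?\s*=", re.I),        # ' OR '1'='1
    "sqli_union": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),            # UNION SELECT
    "sqli_timing": re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I),     # time-based probes
    "sqli_comment": re.compile(r"--\s*$"),                                       # trailing comment truncates the query
    "xss_script_tag": re.compile(r"<\s*/?\s*script\b", re.I),
    "xss_event_handler": re.compile(r"\bon(?:error|load|click|mouseover|focus)\s*=", re.I),
    "xss_js_uri": re.compile(r"javascript\s*:", re.I),
}


def decode_path(path: str) -> str:
    """Decode percent-encoding twice so double-encoded payloads (%253C -> %3C -> <) are seen."""
    return unquote_plus(unquote_plus(path))


def classify(path: str) -> list[str]:
    """Return the sorted indicator names that match the decoded path (empty if benign)."""
    decoded = decode_path(path)
    return sorted(name for name, rx in INDICATORS.items() if rx.search(decoded))


def scan(lines):
    """Parse each access-log line and emit one finding per line with at least one indicator."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # unparsable line; a real pipeline should count these rather than drop them silently
        rec = m.groupdict()
        hits = classify(rec["path"])
        if not hits:
            continue
        status = int(rec["status"])
        # A 5xx on an injection attempt suggests the payload reached the backend: raise severity.
        severity = "high" if status >= 500 and any(h.startswith("sqli") for h in hits) else "medium"
        findings.append({
            "src": rec["src"], "ts": rec["ts"], "status": status,
            "indicators": hits, "decoded_path": decode_path(rec["path"]), "severity": severity,
        })
    return findings


def offenders(findings, threshold: int = 2) -> dict[str, int]:
    """Alert-style roll-up: sources with at least `threshold` flagged requests."""
    counts = Counter(f["src"] for f in findings)
    return {src: n for src, n in counts.items() if n >= threshold}


# Constructed sample lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LINES = [
    # benign request
    '203.0.113.10 - - [10/Mar/2024:12:00:01 +0000] "GET /account/balance?id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    # benign: an apostrophe in a name must not trip the tautology rule
    '203.0.113.11 - - [10/Mar/2024:12:00:02 +0000] "GET /search?q=O%27Brien HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    # SQLi tautology, URL-encoded
    '198.51.100.7 - - [10/Mar/2024:12:00:03 +0000] "GET /login?user=admin%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 300 "-" "curl/8.4.0"',
    # SQLi UNION with trailing comment; the 500 suggests the payload reached the database
    '198.51.100.7 - - [10/Mar/2024:12:00:04 +0000] "GET /products?cat=1%20UNION%20SELECT%20username,password%20FROM%20users-- HTTP/1.1" 500 0 "-" "curl/8.4.0"',
    # reflected XSS probe
    '198.51.100.8 - - [10/Mar/2024:12:00:05 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 2100 "-" "Mozilla/5.0"',
    # the same probe double-encoded, to slip past filters that decode only once
    '198.51.100.8 - - [10/Mar/2024:12:00:06 +0000] "GET /search?q=%253Cscript%253Ealert(1)%253C/script%253E HTTP/1.1" 200 2100 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LINES):
        print(f["severity"], f["src"], f["indicators"], f["decoded_path"])
    print("repeat offenders:", offenders(scan(SAMPLE_LINES)))
```

In a production pipeline the same matching would run as a scheduled search in the SIEM or as a WAF rule set in front of the application, and the indicator name and per-source counts would feed the dashboard and alert threshold. The patterns are deliberately narrow heuristics: a broad rule such as matching any `on...=` parameter would fire on ordinary query strings like `onboarding=1`, so tune each indicator against the application's real parameter names before turning it into a paging alert.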

Benefits

  • Opportunity to work with AWS and Azure in a large financial institution.
  • Potential for full-time employment after initial contract period.
  • Gain experience across different platforms and skill sets.
© 2024 Teal Labs, Inc