Cambridge Associates - Boston, MA

posted about 1 month ago

Full-time - Mid Level
Boston, MA
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

About the position

The Cybersecurity Analyst position at Cambridge Associates LLC focuses on incident response and intrusion detection. The role involves monitoring, analyzing, and responding to security alerts and incidents to enhance the security posture of the organization's networks and systems. The ideal candidate will work collaboratively within the Incident Response Team and other IT teams, demonstrating strong communication skills and the ability to work independently while being part of a team. This hybrid position requires some in-person work at the Arlington, VA office and includes on-call responsibilities.

Responsibilities

  • Validates, enforces, and operates information system security controls and countermeasures.
  • Analyzes and recommends security controls and procedures in the acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
  • Works as a primary incident response analyst, responding to alarms and creating and closing cases in the SIEM.
  • Develops custom detections to identify actively exploited vulnerabilities, 0-day exploits, and other critical security threats.
  • Keeps abreast of new and existing cyber threats to enhance detection & response capabilities by creating custom indicators across all detection and monitoring technologies.
  • Identifies, reports, and participates in activities during information security incidents as part of an Incident Response Team; reviews and responds to security alerts to investigate malicious activity.
  • Develops, refines, and tests custom incident response playbooks.
  • Participates in on-call after-hours incident escalation.

Requirements

  • Bachelor's degree in computer science, information technology, or a related field.
  • 1-2 years of experience working in a SOC/CSIRT or other cybersecurity-related position.
  • Strong understanding of computer networking such as TCP/UDP and ports/protocols.
  • Strong understanding of security technologies such as IDS/IPS, firewalls, SIEM/EDR.
  • Experience with SIEM technologies: LogRhythm, Splunk, QRadar, Microsoft Sentinel, ArcSight.
  • Experience with EDR technologies: Microsoft Defender, Carbon Black, CrowdStrike, SentinelOne.
  • Ability to read, understand, and explain security telemetry data: Packet capture data (pcap), Logs (Firewall, Proxy, Endpoint, etc.).
  • Must be self-driven and take initiative.
  • Must possess strong analytical and problem-solving skills.
  • Must work well individually and with others, as part of a team.
  • Must possess excellent verbal and written communication skills.

Nice-to-haves

  • Knowledge of Cybersecurity concepts including practical applications of cryptography, authentication and authorization, access control, security architectures, threat modeling, vulnerabilities, and software security.
  • Experience working in a SOC or CSIRT as an intrusion detection or incident response analyst.
  • Experience using the MITRE ATT&CK Framework and developing solutions and monitoring protocols to identify and respond to known adversary TTPs.
  • Experience with, or knowledge of, antivirus and NDR tools.
  • Experience working with Threat Intelligence tools to monitor and respond to the ever-evolving threat landscape.

Benefits

  • Competitive salary
  • Robust and comprehensive benefits program
  • Opportunities for career development
  • Supportive and inclusive work culture