Xoriant - New Hyde Park, NY

posted 5 days ago

Full-time - Mid Level
New Hyde Park, NY
Professional, Scientific, and Technical Services

About the position

The Sr. Cyber Security Ops Analyst is responsible for security monitoring and incident response to internal and external threats. This role involves advanced threat analysis, collaboration with internal IT teams and Managed Security Service Providers (MSSP), and leading security monitoring projects to enhance the organization's security posture.

Responsibilities

  • Conduct investigations and respond to internal and external security threats.
  • Oversee, respond to, and remediate DLP (data loss prevention) and SIEM events from on-premises and cloud systems.
  • Implement advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.
  • Manage, administer, and improve security monitoring products for DLP, SIEM, EDR, AV, cloud security products, IDS, and other industry-standard security technologies.
  • Develop automation response scripts to remediate commodity threats.
  • Perform threat hunting activities to identify compromised resources.
  • Understand and perform threat analysis utilizing industry-standard frameworks (kill chain and diamond model).
  • Perform threat research and intelligence gathering to improve detection and response capabilities.
  • Propose and help review security plans and policies to improve the security environment.
  • Maintain operational playbooks, process diagrams, and documentation for security monitoring and response.
  • Review proposed security deployments to ensure security monitoring requirements are met.
  • Provide off-hour support as needed for security monitoring and response activities.
  • Work closely with MSSP services, external forensic providers, and in-house IT teams to respond to and remediate security incidents.
  • Review compromised systems to identify root causes of security incidents and remediation actions that need to be taken.
  • Research new TTPs (tactics, techniques, and procedures) that threat actors are utilizing to undermine enterprise IT environments.
  • Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities.
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable swift remediation.
  • Plan, implement, and document incident handling and response tasks and procedures.
  • Obtain information and stay up-to-date on the latest threats and security trends.

Requirements

  • Bachelor's degree in Computer Science or related field or equivalent combination of industry-related professional experience and education.
  • Working experience with Information Security, Network Security, and Security Monitoring and Incident Response.
  • Working experience with industry-standard security technologies and services such as Firewalls, VPN, IDS, Endpoint Security, DLP, AV, Proxy, SIEM.
  • Strong experience with SIEM event/log analysis and correlation.

Nice-to-haves

  • GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
  • Network/System Administration experience/background.