CISSP Jobs - Information Security Threat Hunter / Analyst, 12464

at Advantage Resourcing
Location Littleton, CO
Date Posted November 10, 2018
Category Default
Job Type Contractor

Description

Job Title:

Information Security Threat Hunter / Analyst - Littleton, CO

Job Description:


We are currently seeking a seasoned Information Security Threat Hunter / Analyst for a 12+ month contractual opportunity with our client in Littleton, CO. The Analyst's primary function is to identify and prioritize potential threats and identify trends. You will configure security solutions to identify threats; perform incident response, issue resolution, and assessment or communication of security risk to the enterprise; and provide support by monitoring real-time security alerts and identifying and prioritizing potential threats. You will lead security incident investigations; complete and deliver complex security reports to management in business terms; analyze available data sources, security tools, and threat trends; and lead security monitoring and analysis techniques to identify attacks against the enterprise. Additionally, you will create correlations and other logic to identify attackers and defend the network against advanced attacks, and hunt for and identify threat actor groups and their techniques, tools and processes. You will also identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses, provide expert analytic investigative support of large scale and complex security incidents, and perform Root Cause Analysis of security incidents for further enhancement of the alert catalog.

Shift Responsibilities:

The Security Threat Hunter/Analyst is responsible for the following shift duties: 

  • Daily Traffic Review - replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
  • Report Run Verification - ensure customer reports run as scheduled
  • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
  • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
  • Handle Tier 2 event incident response, case management, and customer notification
  • Ensure security devices contain up-to-date signature libraries
  • Assist with engineering tasks as necessary
  • Train SOC Level 1 Analysts on new attack signatures and attack methodologies
  • Provide process and operational improvement suggestions
  • Review and update documentation (such as SOPs and TTPs)
  • Complete vendor training as requested by Management
  • Subscribe to and review security mailing lists such as ISC SANS (isc.sans.edu)
  • View the Internet Storm Center on a daily basis for up-to-date news on recent Internet activity of note (http://isc.incidents.org)
  • Daily Case Management - the Security Analyst will review open cases and provide follow up that may be required 

Qualifications:

  • U.S. Based
  • 5+ years of Information Security experience
  • 5+ years Firewall management and rules analysis
  • 2-4 years of systems analysis
  • 2-3 years of working experience as a Managed Security Service Provider Tier-1/2 Analyst/Operator (Preferred)
  • 3-4 years of SOC or NOSC Analyst working experience
  • Threat Intelligence or Forensic background is a plus
  • Working knowledge of Linux and syslog from CLI
  • Proven ability and past experience performing moderately complex security analysis for information technology is required
  • Excellent writing and communications skills
  • Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
  • Ability to work in a dynamic team-centered environment 

Education Preferred:

BS Degree in Computer Information Systems or related field 

Industry Certifications:

Tier 3 Analysts should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:

  • Certified Information Systems Security Professional (CISSP)
  • Information Systems Security Engineering Professional (CISSP-ISSEP)
  • Systems Security Certified Practitioner (SSCP)
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • Certified Security Analyst (ECSA)
  • Certified Incident Handler (ECIH)
  • CompTIA Cybersecurity Analyst (CSA+)
  • Information Technology Infrastructure Library (ITIL)
  • Cisco CCNA
  • Cisco CCNP + Security
  • GSEC
  • GCIH
  • GCIA
  • MCSE
  • Linux+

About Advantage Resourcing

At Advantage Resourcing, our primary objective is to perfectly align the best people with the appropriate jobs. These jobs may be temporary assignments or career positions. We place talented people in a wide variety of jobs working with our client companies in areas such as: engineering, IT, technical, manufacturing, skilled trades, distribution, call centers, clerical, accounting, finance and sales.

Our strength is being able to solve our clients' workforce needs by matching people that have the right skills, knowledge and motivation to each opportunity. Advantage Resourcing can help you discover the personal and career success you desire.

The Company supports affirmative action and equal employment opportunity. The Company will provide equal employment in employment practices to all applicants for employment. Employment decisions shall be made without regard to any protected characteristic such as, but not limited to, race, color, religion, gender, age, disability, national origin, ancestry, citizen status, gender identity, sexual orientation, marital status, status in regard to public assistance, disabled veterans, recently separated veterans, Armed Forces service medal veterans and other protected veterans, genetic information and other legally protected classes. Furthermore, the Company is an E-Verify employer. Information provided on this application will not be used for any discriminatory purposes. The Company complies with all applicable federal, state and local non-discrimination laws and regulations. The Company will provide reasonable accommodations in the application or interviewing process. If you need a reasonable accommodation in the application or interviewing process, please contact us.

Additional Details:  

Job ID:
346494

Dept ID:
10600

Location:
Littleton, CO
United States of America

Industry:
Online / Full App

Job Type:
Temp Position

Folder Group ID:
258

Posted Date:
11/9/2018

Domain:
arna