Cyber Security Analyst in Atlanta, GA at Genesys Talent LLC

Date Posted: 2/24/2019

Job Description

Through our partners at Modis, we have 3 immediate needs for mid-level Cyber Security Analysts in the Atlanta, GA area (30329). These are 6 month contract-to-hire opportunities that require an Active Secret Clearance. This client offers tremendous career growth and advancement opportunities, along with a great work location right off of the interstate with free parking and restaurants within walking distance. Please note that these positions involve working in a 24x7 operation and shift work will be required.
Clearance/Education Requirements:
  • Active Secret Clearance required
  • Bachelor's degree is required unless candidates have 10 years of cyber security specific experience.

Job Description: The Cyber Security Analyst is part of the Security Monitoring and Response team, which provides Department-wide 24x7 security, network system monitoring and incident handling. This includes monitoring, reporting, coordination and escalation, where applicable, of events and tracking of Department incidents. The Security Analyst is responsible for providing effective security monitoring and incident response through triage, investigation, communication, and reporting.
  • Provides technical support in System Architecture, System Design, System Integration and Technical Management.
  • Assists in providing technical input to the systems engineering process.
  • Leads teams in developing application and technical plans.
  • Guides customers in the installation and use of strategic products through education and guidance, first-use and tuning assistance, problem solving and critical situation resolution.

Qualifications/Education Requirements:
  • At least 7 years of relevant experience.
  • B.A. or B.S. Degree in Computer Science, Engineering or a related field or equivalent experience. Ten (10) Years of direct related experience in related field may be substituted for a Bachelor's Degree requirement.

Preferred Skills:
  • Perform all tasks required per shift including reporting, monitoring, and turnover
  • Assess incident severity and escalate as needed
  • Perform additional event/incident investigation and research as needed
  • Utilize internal guidelines for effective call processing, escalation and client service
  • Interact with network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote
  • Monitor and respond to alerts from network devices and work directly with vendors during circuit outages.

Additional Responsibilities:
  • An understanding of a wide array of server-grade applications, including Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, and others

Additional Notes: Preferred technical experience:
  • Experience with Microsoft Windows, Linux, UNIX, TCP/IP and related internet protocols, IP routing, internet connectivity, VPNs, VLANs, NAT and security concepts
  • Understanding of basic network services
  • Experience with/knowledge of enterprise security information and event management (SIEM) systems, IDS devices, firewalls, and/or antivirus management
  • Investigative and analytical problem solving skills
  • Understanding of security threat and attack countermeasures
  • Experience/knowledge of variety of intrusion detection/prevention platforms
  • Experience with VPN, SSL/TLS, and other encryption methodologies/technologies a plus

Knowledge of/experience with the following:
  • Lancope StealthWatch
  • Palo Alto next-generation firewalls
  • FireEye MPS
  • HP ArcSight
  • HP TippingPoint
  • Must have strong written and verbal communication skills
  • Attention to detail and great organizational skills
  • Ability to maintain focus while performing in-depth log analysis
  • Ability to think outside the box when investigating events

More Details:
  • Escalate security investigations and analysis to day shift Tier 2 analysts and Research & Forensics (R&F)
  • Process investigations escalated from Tier 1 analysts and provide guidance as needed
  • Turnover
  • Conduct thorough packet capture (PCAP) analysis, reviewing each PCAP instance and reporting any trends
  • Escalate relevant IOCs to R&F and HTOC to determine whether IOCs should be added to department feed and HTOC ThreatConnect
  • Report any trends on traffic associated with various types of security incidents identified by previous shift analysts
  • Create, track and escalate internal case investigations through network analysis
  • Contribute and review usefulness of open source blogs/feeds by following SOPs
  • Contribute to rotation (once per month) of informational whitepapers from the analysis team
  • Ensure there are no outstanding tasks for escalation to SOC leadership
  • Coordinate activities escalated from previous shift
  • Stay aware of any highly visible incidents and be prepared to brief SOC leadership on all details
  • Review Quality Awareness & Control documents before dissemination to the entire SOC team
  • Coordinate with SD on any emails or RiskVision incidents, to include internal and external requests involving initial vetting of IOCs
  • Provide initial analysis and coordinate with SD on any required executive summaries (mission will determine the frequency)
  • Escalate incidents to Senior Analysts (Tier 2) for advice and senior level review
  • Contribute relevant Indicators of Compromise (IOCs) and other items of interest discovered during daily investigations to Tier 2 for vetting and assistance in determining whether or not they should be added to department feeds
  • Attend all department calls and take relevant, actionable notes on reported incidents, then provide meeting minutes to CRS for technical writing review (e.g. US-CERT call, CCAR)
  • Triage all reports received from 3rd parties, determine impact and escalate if necessary
  • Create Turnover Report for current shift
  • Research and review potential Threat Hunting/Personal Development Training/Tool Advancement Training
  • Address items and incidents from shift turnover
  • Support off hour analysis requests (e.g. inbox, email, etc.)
  • Report on weekly statistics from RiskVision on the number of cases/traffic notifications processed
  • Determine which cases and/or trends should be documented in turnover and reported to Tier 2 for further trending efforts
  • Address items from shift turnover and brief next shift on any pertinent news