| Need Incident Response Analyst ( information security analyst) - Hybrid - Rockville MD at Rockville, Maryland, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=2177437&uid= From: Prabhu, VisionSoft International Inc [email protected] Reply to: [email protected] Need Incident Response Analyst ( information security analyst) Location: Rockville MD Hybrid F2F (final round) Local preferred Long term contract. 100% suitable candidate will get an interview. (Incident handling tasks during different phases of Computer Security Incident Response (CSIR) - monitoring, research, analysis of security alerts and events) Key Responsibilities Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, and system logs (Windows, Linux, and Unix), and databases Separate true threats from false positives using network and log analysis and escalate possible intrusions and attacks Initiate tickets, document, and escalate to leadership Maintain a strong awareness of the current threat landscape Track and document cyber defense incidents from initial detection through final resolution. Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness). Gather and analyze information for defining requirements, specifications and issues to support the development of new policies, standards and procedures or update existing ones. Work with a team of diverse individuals and cross-functional teams to solve unique and complex problems with broad impact on the business. Provide clear updates to management on security incidents; Investigate, document, and report on forensic investigations Able to exercise discretion and maintain confidentiality Proficient in reporting and answering analytical questions using vulnerability data Basic Qualifications Excellent teamwork skills Knowledge of and experience with intrusion detection/prevention systems and SIEM software Strong knowledge and understanding of network protocols and devices. Strong experience with Mac OS, Windows, and Unix systems. Ability to analyze event logs and recognize signs of cyber intrusions/attacks Ability to handle high pressure situations in a productive and professional manner. Strong written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team Ability to provide tuning recommendations for security tools to tool administrators. Strong knowledge of the following: SIEM Packet Analysis SSL Decryption Malware Detection EDR Network Monitoring Tools Email Security Data Loss Prevention Anti-Virus Preferred Qualifications Experience with security frameworks (i.e., Mitre Attack, Cyber Kill Chain, etc.) Experience in network/host vulnerability analysis, intrusion analysis, digital forensics, or related areas 2-4 years of hands-on SOC/TOC/NOC experience GCIA, GCIH, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred Understanding of programming/scripting languages and ability to run basic database queries Education Minimum bachelors degree in Information Security, Computer Science, or another IT-related field. Exceptional candidates with proven experience in security/network operations will also be considered. Thanks & Regards, Prabhu VisionSoft International Inc. Lawrenceville,GA-30044 Mail ID: [email protected] ISO 9001:2015 Certified MBE Certified by NMSDC Keywords: information technology Georgia Idaho Maryland Need Incident Response Analyst ( information security analyst) - Hybrid - Rockville MD [email protected] http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=2177437&uid= |
| [email protected] View All |
| 10:09 PM 14-Feb-25 |