4800 Deerwood Campus Parkway, Building 100, Jacksonville, Florida, United States, 32246
Notes from Hiring Manager: SIEM (Security Information and Event Management). Used to develop alerting for incident response, perform investigations, manage IT infrastructure to identify issues, centralized logging, correlation alerts, analytics, and more...
SIEM products are made by a variety of different vendors. Qradar (IBM), Splunk, Microsoft Sentinel, Arcsight, Security Onion, etc. Would like them to have experience developing rules in more than one SIEM. More than one technology. Deep skills in one would be fine, but exposure to more than one would be useful.
For most people, working in a security operations Center (SIEM) or using it for incident response isn't deep enough. We need skills building the alerts - which could also be threat hunting type skills. Strategic thinkers over tactical.
Job Summary: Cybersecurity Threat Analyst, under limited supervision, develops, maintain, and implement comprehensive information security monitoring and threat analysis processes and programs. Cybersecurity Threat Analysts assist with defining cybersecurity event response policies, processes and standards for large and complex environments. They are responsible for comprehensive threat analysis to include recommending appropriate course of action and escalation. Perform various cybersecurity assessments to identify deviations from standard security configurations, inappropriate modification or activities and proactively identify weaknesses in safeguards. Assist within cyber event response by cooperating with third-party incident response teams and law enforcement agencies by providing logs, reports, alert notifications, and other requested information.
Essential Functions
The essential functions listed represent the major duties of this role, additional duties may be assigned.
Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks and threats.
Proactively and automatically correlates and analyzes threat data from various sources and analyzes network events to establish the identity and modus operandi of malicious users active in the computing environment or posing potential threats to the computing environment
Independently, but with some level of guidance from Senior Cybersecurity Threat Analyst, conducts industry research and technical evaluation of all-sources and vendor supplied intelligence--with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures
Preparing assessments and cyber threat profiles of current events based on collection, research and analysis of open source information
Proven technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats
Proven technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
Demonstrated knowledge of information threat analysis and detection concepts and principles and impact
Working with and managing vendor performance including applicable service level agreements
Conducts and, at times, leads root cause analysis of any monitoring alerts and threats identified by third-party vendor, or internal systems and workforce. Once root cause is determined, proposes and works with other teams, if required, to implement appropriate security controls and solutions that will mitigate risk and vulnerabilities, as well as safeguard our systems and data.
Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
Periodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threats
Develops and maintains documentation of security monitoring activities, threat response procedures and security diagrams
Assists remediation actions as a result of threat and vulnerability assessments or audits
Provides training to others on security capabilities, processes, procedures and operational tasks
Required Work Experience
5+ years related work experience
4+ years in Cybersecurity/1+ years Information Technology Infrastructure
Required Education
Related Bachelor’s degree or additional related equivalent work experience Computer Information Systems with Cybersecurity
Required Licenses and Certifications
Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) (within 180 Days if converted to FTE)
Additional Required Qualifications:
Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats
Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances
Demonstrated knowledge of information threat analysis and detection concepts and principles and impact
Experience working and managing vendor performance and service level agreements
Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.
Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols).
Experience developing, documenting and maintaining security procedures.
In-depth knowledge of operating systems and security applications
Demonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
Ability to manage tasks independently and take ownership of responsibilities
Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
Ability to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders.
Additional Preferred Qualifications:
Exposure to Project Management methodologies like Waterfall, Agile, Lean or SAFe methodologies
Note: The Company is committed to complying with the California Privacy Rights Act (“CPRA”) effective January 1, 2023; and all data privacy laws in the jurisdictions in which it recruits and hires employees. A Notice to California Job Applicants Regarding the Collection of Personal Information can be located on our website. Applicants with disabilities may access this notice in an alternative format by contacting NAhr@spectraforce.com.Position is offered by a no fee agency. Location : 4800 Deerwood Campus Parkway, Building 100, Jacksonville, Florida, United States, 32246 About Us: Established in 2004, SPECTRAFORCE® is one of the largest and fastest-growing diversity-owned staffing firms in the US. The growth of our company is a direct result of our global client service delivery model that is powered by our state-of-the-art A.I. proprietary talent acquisition platform, robust ISO 9001:2015/ISO 27001 certified processes, and strong and passionate client engaged teams. We have built our business by providing talent and project-based solutions, including Contingent, Permanent, and Statement of Work (SOW) services to over 140 clients in the US, Canada, Puerto Rico, Costa Rica, and India. Key industries that we service include Technology, Financial Services, Life Sciences, Healthcare, Telecom, Retail, Utilities and Transportation. SPECTRAFORCE is built on a concept of “human connection,” defined by our branding attitude of NEWJOBPHORIA®, which is the excitement of bringing joy and freedom to the work lifestyle so our people and clients can reach their highest potential. Learn more at: http://www.spectraforce.com
Benefits: SPECTRAFORCE offers ACA compliant health benefits as well as dental, vision, accident, critical illness, voluntary life, and hospital indemnity insurances to eligible employees. Additional benefits offered to eligible employees include commuter benefits, 401K plan with matching, and a referral bonus program. SPECTRAFORCE provides unpaid leave as well as paid sick leave when required by law.
Equal Opportunity Employer: SPECTRAFORCE is an equal opportunity employer and does not discriminate against any employee or applicant for employment because of race, religion, color, sex, national origin, age, sexual orientation, gender identity, genetic information, disability or veteran status, or any other category protected by applicable federal, state, or local laws. Please contact Human Resources at LOA@spectraforce.com if you require reasonable accommodation. At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $55.00/hr.
