IT Security Analyst

San Antonio, TX

Posted: 06/27/2019 Job Number: JN -062019-10911
SRG offers flexible staffing solutions with a national presence. We provide contract, contract-to-hire, direct hire and executive search services. SRG utilizes an innovative approach to identify and qualify talent that is unique to the Staffing industry, featuring a cutting-edge platform that allows us to rapidly and precisely match professionals to client requirements. We have a proprietary database of over one million candidates and maintain continuous contact with our qualified talent.
  • Location: San Antonio
  • Shift: M-F 1st shift and On-Call
  • Salary: $75,000-$90,000
  • Employment Type: Permanent
Environment: This customer has a culture of empowerment where team members are trusted with responsibility and decision making. Everyone is expected to take initiative and help when their skills are needed while demonstrating leadership and teamwork. Wouldn't you want to work for a company like that?!
Be part of a Managed Security Service Provider (MSSP) with the main goal of protecting customer data while still making technology available, productive and secure.

Working within our Security Operations Center (SOC), the IT Security Analyst is responsible for reviewing system log events and data packets to determine whether activity is normal or malicious. The Security Analyst will ensure that aspects of the customers' environments are identified and understood to enable accurate, actionable reporting for other tiers. Analysts will also participate in developing processes, procedures, training, etc. for new technologies. Strong knowledge of incident response principles and phases.
  • Performing systems and network analysis of intrusions into customers' network infrastructure, applications, operating systems, firewalls, proxy devices, malware detection and more, and working as part of the team conducting preliminary incident response, event analysis and threat intelligence.
  • Conducting initial and ongoing tuning of customers' environments from on-boarding to day 2.
  • Participate in solutions development for new products as they are introduced to the organization.
  • Handling escalations from Security Specialists and Associate Analysts.
  • Reviewing security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives.
  • Providing both strategic analysis and near real-time auditing, investigating, reporting, and remediation, coordinating and tracking of security-related activities for customers.
  • Performing correlation of events from network, enterprise and host sensors.
  • Assisting in compliance efforts, processing security-related services, change controls, security research.
  • Conducting vulnerability testing.
  • Expanding organizational knowledge by contributing to Knowledge Base.
  • Mentoring junior tiers in the organization on security concepts and ideas.
  • Able to perform other duties as assigned.
  • Bachelor's Degree in Information Technology, Cyber Security or related field.
  • 5+ years experience in an information technology role.
  • 5+ years Cyber Security related experience.
  • Preferably MSSP work environment/experience OR SOC experience.
  • Knowledge of web application security and vulnerability management required.
  • SIEM experience (working knowledge of use cases, reporting and trending, rules creation) such as Cyguard, FortiSIEM, Arcsight, QRadar.
  • IPS/IDS: Writing signatures or investigating events.
  • Experience with packet analysis tools, such as Wireshark.
  • Perform basic hunt activity for enterprise network.
  • OS knowledge for various versions of UNIX, LINUX, and Windows.
  • Experience across web and desktop applications, cloud computing.
  • Strong understanding of network protocols TCP/IP, 802.11, layer 2 and 3 switching, DHCP, DNS, network security, cloud computing and troubleshooting skills.
  • Excellent analytical and problem-solving skills with ability to evaluate information from multiple sources and provide recommendations to enterprise organizations.
  • Hands-on experience with security products including intrusion detection systems (Snort/SourceFire), endpoint solutions (McAfee, Cisco AMP) and firewalls (CheckPoint, Cisco PIX, PALO).
  • Operating systems knowledge and systems administration skills for various versions of UNIX, LINUX, and Windows and ability to read and understand Windows logs.
  • One or more of the following certifications is desired (not required): CISSP, GCIA, GCIH, CySA, CASP.
  • Basic understanding of scripting languages (doesn't need to be able to script, but must be able to read/analyze scripting languages).
  • Must be self-directed, able to manage individual projects or act as part of a larger team.
  • Must be able to manage multiple customers' environments at any given time.
