Job Description (from the job’s posting):
Security Analysts at AHEAD monitor customer environments and perform incident detection, validation, and reporting. Security Analysts are the frontline of the SOC and are customer-facing representatives.
Security Analysts are responsible for triaging events and incidents and for reporting validated incidents to the customer for incident response. Incumbents will possess strong technical and analytical skills and provide accurate analysis of security-related problems. They have a well-rounded networking background and are responsible for troubleshooting customer issues.
This individual is user-focused and works to resolve client needs in a timely manner. These needs may involve resolving hardware/software failures, investigating and responding to security threats, and making change requests to the security policy of company devices.
The Security Analyst is expected to monitor security feeds streaming from client servers, network devices, and end-user workstations, and to operate and maintain network security equipment at client locations. The Analyst is expected to be familiar with a wide range of security tools and to understand basic security fundamentals.
The Analyst will perform information security event analysis and must possess knowledge of operating systems, TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis.
Your Responsibilities
- Monitor and analyze network traffic and alerts
- Investigate intrusion attempts and perform in-depth analysis of exploits
- Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
- Conduct proactive threat research
- Review security events that are populated in a Security Information and Event Management (SIEM) system
- Tune rules, filters, and policies for detection-related security technologies to improve accuracy and visibility
- Mine log sources to uncover and investigate anomalous activity, along with related items of interest
- Independently follow procedures to contain, analyze, and eradicate malicious activity
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Incident management, response, and reporting
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
- Track trends, statistics, and key figures for each assigned client
- Assist with the development of processes and procedures to improve incident response times, incident analysis, and overall SOC functions
- Reporting
  - Incident reports
  - Security status reports
  - Client-facing security meetings
US Located Required: Yes
Location: Remote – United States
Schedule: Full time
Salary: USD 60K – 100K