IT Cyber Security Analyst I

REMOTE POSITION WITHIN GEORGIA

DESCRIPTION OF ESSENTIAL DUTIES:

• Monitors incident-specific procedures to perform a basic triage of potential security incidents to determine the nature and priority and eliminating obvious false positives, process health alerts, and process requests for information

• Develop procedures to perform light, time-boxed analyses of potential security incidents, attempting to gather required information and eliminate false positives

• Based on escalation procedures, determine potential security incidents and escalates, and implement countermeasures in response to others, perform light tuning (e.g., whitelisting) and recommend additional tuning

• Maintain awareness of the Insurance Technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by threat intelligence, and recent security incidents

• Provides status and metric reporting and adhering to internal operational security and policies; Document all actions taken in the ticketing system

• Performs security project work as assigned

OTHER RESPONSIBILITIES/REQUIREMENTS

• Continually improve the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, network models), identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins, and other “glue”

• Perform peer reviews and consultations with other Cyber Security Analysts regarding potential security incidents

• Serve as a Subject Matter Expert in at least one security-related area (e.g., specific malware solution, python programming)

• Seek self-improvement and enhanced value by documenting a self-education roadmap and pursuing advancement to a Cyber Security Analyst II

QUALIFICATION, EDUCATION AND EXPERIENCE REQUIREMENTS: 

• Bachelor of Science in Computer Science or Information Management combined with five (5) years security or technology support experience required; Master’s degree may substitute for some work experience
• Certification include Security+, Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH)
• Experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP)
• Understanding of possible attack activities such as network probing/ scanning, Phishing, DDOS, malicious code activity, etc.
• Understanding of basic networking protocols such as IP, DNS, HTTP
• Basic knowledge in system security architecture and security solutions
• Must be a self-starter who can consistently produce quality deliverables in a remote work environment.

Preferred:

• Excellent interpersonal, organizational, oral, and writing skills
• Strong analytical and problem-solving skills
• Self-motivated to improve knowledge and skills
• A strong desire to understand “the what” as well as “the why” and “the how” of security incidents
• Previous experience in Server administration or application development
• Fundamental understanding of Computer Forensics

SUPERVISORY RESPONSIBILITIES:

• None

PHYSICAL DEMANDS/WORK ENVIRONMENT:

• Experience in a fast-paced support environment as a member of a 24x7x365 network and/or security operations team; Must be able to concentrate for long periods of time
• Must be able to lift and carry 25 pounds on occasional basis

EOE M/F/D/V AA

#LI-Remote