Security Analyst II

Allegheny Pittsburgh, PA

Posted: 07/27/2022 Job Number: 17410991

Job Description

Position: Security Analyst II
Location: Allegheny Pittsburgh, PA 15203
Duration: 12+ Months

Job Summary:
  • The Tier 2 Incident Response Analyst will serve as the main point of contact for security events escalated by the Security Operations Center (SOC) and generated by other security monitoring tools.
  • Responsibilities will include alert triage, incident handling, incident remediation/mitigation, intelligence gathering, threat hunting, policy/procedure writing, and incident report writing.
  • This role will report to the Threat Management team and work closely with the Cybersecurity Engineering & Architecture team to improve the security posture of the organization.
 
Key Responsibilities:
  • Prioritize security events escalated by the SOC (Tier 1) and generated by security monitoring tools
  • Investigate security events using firewall logs, SIEM logs, EDR tooling, and other security tools to identify root cause
  • Develop remediation/mitigation recommendations for security events to improve the security posture of the organization
  • Escalate security events that require additional resources to resolve to Tier 3
  • Respond to internal reports of suspicious activity from end users
  • Investigate and respond to suspicious emails identified by email protection systems or reported by end users
  • Participate in threat hunting activities and investigate potential threats based on current intelligence and information gathered from security events
  • Provide detailed responses to incidents within the ticketing system
  • Develop new incident response processes and playbooks and enhance existing ones
  • Create detailed incident reports as needed
 
Education & Experience:
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent
  • 2+ years of experience as a Tier 2 Incident Response Analyst or equivalent
 
Skills & Abilities:
The most valuable tools are Splunk, Palo Alto Networks firewalls, and Tanium. Experience with all three is ideal, but that combination may be hard to find; candidates should have experience with at least two of the tools below. Splunk and Palo Alto firewalls are the priority, and having both is a strong plus. Tanium experience is a further plus. Symantec and Proofpoint are not required but would be a plus.
  • Splunk and Splunk ES
  • Palo Alto Networks firewalls
  • Tanium Core and Tanium Threat Response
  • Symantec Endpoint Protection
  • Proofpoint
  • Basic understanding of computer networks
  • Ability to troubleshoot complex problems through critical and outside-the-box thinking
  • Strong ability to multitask
  • Strong written and verbal communications skills to interface with end users, provide senior leadership information on findings, and convey technical detail in a clear and concise manner
  • Knowledge of security policy, procedure, and playbook writing
  • Ability to meet targeted deadlines and resolve security events with minimal supervision
  • Malware analysis
  • Professional security certifications (e.g., CISSP, GCIH, CySA+, Security+, or similar)

Meet Your Recruiter

Steve Simmons