Tech Providers, Inc.
Security Analyst II
Allegheny Pittsburgh, PA US
Posted: 07/27/2022
Job Number: 17410991
Job Description
Position: Security Analyst II
Location: Allegheny Pittsburgh, PA 15203
Duration: 12+ Months
Job Summary:
- The Tier 2 Incident Response Analyst will serve as main point of contact for security events escalated by the Security Operations Center (SOC) and generated by other security monitoring tools.
- Responsibilities will include alert triage, incident handling, incident remediation/mitigation, intelligence gathering, threat hunting, policy/procedure writing, and incident report writing.
- This role will report to the Threat Management team and work closely with the Cybersecurity Engineering & Architecture team to enhance the security posture of the organization.
Key Responsibilities:
- Prioritize security events escalated by the SOC (Tier 1) and generated by security monitoring tools
- Investigate security events using firewall logs, SIEM logs, EDR tool, and other security tools to identify root cause
- Develop security event remediation/mitigation recommendations to enhance the security posture of the organization
- Escalate security events to Tier 3 that require additional resources to resolve.
- Respond to internal reports of suspicious activity by end users
- Investigate and respond to suspicious emails identified by email protection systems or reported by end users
- Participate in threat hunting activities and investigate potential threats based on current intelligence and information gathered from security events
- Provide detailed responses to incidents within the ticketing system
- Develop new and enhance existing incident response processes and playbooks
- Create detailed incident reports if needed
Education:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent
- 2+ years of experience as a Tier 2 Incident Response Analyst or equivalent
Skills & Abilities:
The most valuable would be Splunk, PaloAlto, and Tanium. All three would be ideal, but that combination may be hard to find. Candidates should have experience with a minimum of two of the tools below. Priority would be Splunk and PaloAlto FWs. If they have those two, that’s a huge plus. Tanium would be even more of a plus. Symantec and Proofpoint are not required but would be a plus.
- Splunk and Splunk ES
- PaloAlto Firewalls
- Tanium Core and Tanium Threat Response
- Symantec Endpoint Protection
- Proofpoint
- Basic understanding of computer networks
- Ability to troubleshoot complex problems through critical and outside-the-box thinking
- Strong ability to multi-task
- Strong written and verbal communications skills to interface with end users, provide senior leadership information on findings, and convey technical detail in a clear and concise manner
- Knowledge of security policy, procedure, and playbook writing
- Ability to meet targeted deadlines and resolve security events with minimal supervision
- Malware analysis
- Professional security certifications (any of, or similar to, CISSP, GCIH, CySA+, Security+, etc.)
Meet Your Recruiter
Steve Simmons