Security Analyst
$50,000 - $60,000
Security Analyst Job Description
Overview
Provide needs analysis to help identify threats, investigate security events, and respond to incidents. RADAR isn't your run-of-the-mill security monitoring service and Security Analysts are a lot more than your typical SOC log review analysts.
Provide no-blind spots approach to security monitoring and includes the collection of security events and data from a myriad of sources. While RADAR has some outstanding built-in intelligence to analyze this data, there is just no substitute for human security expertise. This is where the Secuirty Analyst comes in.
Security Analysts utilize the information available through RADAR to perform technical investigations of potential threats to our clients information assets and provide expert technical guidance during incident response efforts.
During the investigation phases, Security Analysts will leverage technical information such as intrusion detection alerts, Firewall events, system and application logs, full packet captures, and even endpoint process tracking to identify the root cause of the attack, determine whether the attack was successful, and provide notification to the client.
The Security Analyst plays an integral role during the incident response phase. When security incidents are identified, the Security Analyst is responsible for interfacing with clients directly and providing expert guidance to help respond to the incident. This will include elements such as advising clients on specific defensive actions to take, identifying additional indicators of compromise, and depending on the Security Analyst's skill set, malware analysis and forensic examination.
Demonstrable Skills and Capabilities:
- Strong interpersonal, organizational, communication, and writing skills Being a Security Analyst means engaging with clients; meeting their objectives and communicating the details associated with potential threats is critical to success.
- You must be the expert in the room, and able to communicate and support your recommendations.
Independent investigative skills:
- The Security Analyst must be able to make sense of the technical information at their disposal.
- This includes the capability to investigate technical elements they might never have seen before. While senior Analysts are available to provide assistance, it's up to the Security Analyst to investigate the issue prior to escalation.
Required Technical Skills
- Working knowledge of the TCP/IP suite of protocols
- Difference between TCP and UDP
- Purpose of a subnet mask
- Role of TCP and UDP ports in network communication
- Conceptual knowledge of network and systems architecture
- Network segmentation (eg, DMZ)
- Intrusion Detection Systems
- Web application architecture
Active Directory
- Solid understanding of how major application layer protocols function (eg, HTTP, SMTP, DNS)
- Basic knowledge of categories of malware and how they function (eg, rootkits, trojans, adware)
- SQL Injection
- Brute force attacks
- Portscans
- Malware infection vectors
- Phishing attacks
- Driveby/Redirection attacks
Optional Skills
Certifications are always a plus, but not required:
- CISSP
- GCIH
- GCIA
- GSEC
- Programming/Scripting (eg, Perl, Python, Ruby)
- Network traffic analysis skills
- Comfortable in multiple operating systems (Windows, Linux, Unix, OSX)
- Prior experience with SIEM technologies
- Prior experience in a network or security operations center
Miscellaneous Bits
- Cross training opportunities with assessment team
- Penetration Testing
- Vulnerability Assessments
- Established roadmap for growth within
- Great resume builder as you'll be working with a wide range of technologies (we'd rather you stay with us of course, but we understand the industry)
- Help guide the development of RADAR; if you see an area for improvement, be part of building that enhancement
- You'll be part of a team so feel free to ask for help or offer it
- Position located in Greater Philadelphia area (relocation assistance is not available)
|
|
 | |
