Remote with occasional travel - Network Security Analyst role in Austin, TX

Full Job Description

JOB DESCRIPTION

 

POSITION: Network Security Analyst with state client experience 

DURATION: Long Term

Location: Austin, TX – Remote – Occasional Onsite Presence

Should Be Local To TEXAS

NO. of Positions: 2

Last Date for Submission: 02/11/2024

Level Description

1-3 years of experience in the field or in a related area. Has knowledge of commonly used concepts, practices, and procedures within a particular field. Relies on instructions and pre-established guidelines to perform the functions of the job. Primary job functions do not typically require exercising independent judgment.

Job Description

A network security analyst ensures that information systems and computer networks are secure. This includes protecting the company against hackers and cyber-attacks, as well as monitoring network traffic and server logs for activity that seems unusual. Additionally, these analysts are responsible for finding vulnerabilities in the computer networks and creating recommendations for how to minimize these vulnerabilities. The network security analyst investigates security breaches, develops strategies for any security issues that arise, and utilizes the help of firewalls and antivirus software to maintain security.

Additional job details and special considerations

The candidate will need to be in Texas and should be available to be on-site at Austin when requested for an on-site work. The position will be hybrid with complete remote possibility.

 

II. CANDIDATE SKILLS AND QUALIFICATIONS

 

Minimum Requirements:

Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

Years

Required/Preferred

Experience

3

Required

Utilize EDR/XDR platforms, including NetWitness, SentinelOne, Microsoft Defender for Endpoint, and related products, to correlate data from various network and security tools across the network.

3

Required

Research, document, and present threat hunting research on cyber threat actors specifically targeting business operations, information networks, and data.

3

Required

Leverage cyber threat hunting frameworks including PEAK, Sqrrl, and TaHiTI, to develop threat hunting hypotheses, determine scope, ensure repeatable processes, define outputs, and measure success in malicious behaviors detected, vulnerabilities Client.

3

Required

Employ threat modeling methodologies such as STRIDE, TRIKE, MITRE Telecommunication&CK, and PASTA, to identify potential vulnerabilities, attack vectors, and threat actors specifically targeting networks, data, and users.

3

Required

Develop, maintain, and update threat hunting program documentation, including policies, SOPs, and playbooks, in accordance with industry, DIR, and guidelines and documentation standards.

3

Required

CTI analyst experience within a security operations center (SOC), providing support to internal cybersecurity Incident Response teams or external cybersecurity engagements on managed security services (Client) teams in large-scale organizations.

5

Preferred

Experience with dynamic and static malware analysis tools and techniques, such as Trellix, IDA Pro, and Ghidra, as well as open-source tools such as Wireshark, VirusTotal, Hybrid Analysis, and Joe Sandbox.

5

Preferred

OSINT analyst experienced in utilizing brand and dark web intelligence tools such as Palo Alto XPANSE, Flashpoint, Recorded Future Intelligence Cloud, or Digital Shadows SearchLight.

5

Preferred

Utilize industry research, team meetings, collaboration with IT and business units, in-depth understanding of clients strategic objectives, and candidate's experience with NetWitness, SentinelOne, and Microsoft Defender for Endpoint.

5

Preferred

Perform scheduled and ad-hoc meetings with relevant software and other technical vendors such as NetWitness, SentinelOne, and Microsoft, to provide feedback on current EDR/XDR usage, performance, and utilization criteria.

5

Preferred

Troubleshoot, research, and resolve systemic issues in EDR/XDR tools, including NetWitness, SentinelOne, and Microsoft Defender for Endpoint, providing short-, medium- and long-term solutions to improve and maintain desired performance levels.

5

Preferred

Assist in data parsing and normalization in NetWitness, SentinelOne, and Microsoft Defender for Endpoint on data streams both existing and new, leveraging advanced knowledge of scripting languages like Python and PowerShell.

5

Preferred

One or more of the following certifications: NetWitness Analyst, SentinelOne IR Engineer, Microsoft Security Operations Analyst Associate, GCTI, GCFA, GREM, GCIH, GDAT.