Lead Cyber Security Analyst

Job Description

• Bachelor's Degree in Computer Science, Information Systems, or related degree + 4 years relevant experience or 12 years relevant experience
• Advanced certifications such as SANS GIACIAIH, CISSP or CASP and/or SIEM-specific training and certification
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, common security elements in a global multi-site international environment.
• In-depth knowledge of IT architecture, IT engineering, and IT operations of at least one enterprise SIEM platform (e.g., Symantec, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
• Proficiency with combinations of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security

• Safeguards information system assets by identifying and solving potential and actual security risks and resolving problems.
• Protects systems and information by identifying risks on access privileges, control structures, and identifying resources.
• Facilitates regular penetration tests (both Intranet and Extranet) with trusted vendor partners. The information obtained will lead to action plan and followed through completion.
• Implements security improvements by assessing current situation, evaluating risks and trends, and anticipating mitigation actions.
• Determines security violations and inefficiencies by coordinating and conducting periodic audits.
• Creates and Executes security test simulation attacks targeting users to create security awareness, training, and security practices/programs amongst users. Generating reports of findings and risk awareness on company's Intranet.
• Upgrades system by implementing and maintaining security controls.
• Keeps users informed by preparing performance reports, communicating system status.
• Maintains quality service by following organization standards.
• Maintains technical knowledge by attending educational workshops, reviewing publications.
• Contributes to team effort by accomplishing related results as needed.

• Bachelor's Degree in Computer Science, Information Systems, or related degree + 4 years relevant experience or 12 years relevant experience
• Advanced certifications such as SANS GIACIAIH, CISSP or CASP and/or SIEM-specific training and certification
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows), VMware technology, and Unix
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, common security elements in a global multi-site international environment.
• Hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attack artifacts in support of incident investigations
• Experience with vulnerability scanning solutions
• Familiarity with the DOD Information Assurance Vulnerability Management program.
• Proficiency with combinations of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
• In-depth knowledge of IT architecture, IT engineering, and IT operations of at least one enterprise SIEM platform (e.g., Symantec, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
• Experience developing and deploying signatures (e.g., Snort, YARA, Suricata, HIPS)
• Able to communicate complex technical information to non-technical audiences.

• all the important benefits you hope for, such as competitive compensation, a generous paid time off program, a 401k match, health insurance (medical, vision and dental), flexible schedules available with manager approval, and much more!