Vacancy expired!
Job Title: L3 Lead Analyst SME – SIEM & VM
Location: Alpharetta
Duration: 2/8/23 – 12/31/23
Note: onsite day one
W2 AND C2C (H1B, EAD)

Required Skills: SIEM, VM tools, PowerShell or Python

L3 Lead Analyst
Subject Matter Expert – SIEM & VM

Responsibilities
• The primary focus for this role is to act as a Subject Matter Expert for any SIEM & VM solution and be able to configure, manage, operate, and administrate the platform.
• Communicate and execute the required upgrades to the SIEM & VM platform to address bug fixes, compatibility issues, and enhancements, following the change management process.
• Recommend and implement proactive measures to enhance the accuracy and effectiveness of the SIEM solution.
• Ensure that clear testing processes before production go-live are well documented, and ensure general troubleshooting of the endpoint suite.
• Perform daily compliance checks and proactively remediate any systems not reporting to the SIEM solution.
• Analyze and assess security incidents and escalate to client resources or appropriate internal teams for additional assistance.
• Handle escalations from L1 & L2 analysts.
• Revise and develop processes to strengthen the current Security Operations Framework, review policies, and highlight the challenges in managing SLAs.
• Perform root cause analysis to quickly recover from service interruptions and to prevent recurring problems.
• Design dashboard reports and queries that correctly display accurate data, along with maintenance and upgrade plans, to ensure endpoint products are clearly defined and communicated.
• Strong knowledge in integrating cloud infrastructure such as AWS, Google Cloud Platform, and Azure with the SIEM.
• Configure backups, verify custom reports, manage log source groups, and validate log sources with the client.
• Establish and maintain operational SOPs for all responsible areas and technologies.
• Lead change, incident, and problem management for the Devo, Exabeam, and Qualys platforms, including creating change requests, incident reports, and Root Cause Analysis (RCA) reports.
• Monitor vendor SLAs, perform regular reviews with vendor management, and report to the client.
• Responsible for major SIEM client environmental changes, including upgrades.

Required skills:

Formal Education & Certifications
• Bachelor’s degree in computer science, information systems, computer engineering, system analysis, or a related field, or equivalent work experience.
• Preferred industry-relevant certifications such as OSCP, CISA, CISSP, CCSP, CDPSE, ISSAP, SANS, or equivalent Information Security certifications are an added advantage.
• Platform certification on Devo, Qualys, and Exabeam will be an advantage.

Knowledge & Experience
• 10+ years of overall experience with 5+ years as Security Lead, including architecture design and deployment, investigation, and endpoint compliance.
• Strong understanding of security incident management, malware management, and vulnerability management processes.
• Hands-on experience with SIEM & VM tools such as Devo, Qualys, Exabeam, and Splunk.
• Working knowledge of PowerShell and/or Python.
• Strong experience designing, deploying, and maintaining EDR and DLP platforms on both Windows and non-Windows systems.
• Experience in defining use cases for playbooks and runbooks.
• Should be good at handling major virus outbreak incidents and setting up prevention policies in endpoint security tools.
• Knowledge of industry standards/regulations such as ISO, NIST, PCI-DSS, PSD2, SOX, GDPR, MITRE CWE, MITRE ATT&CK, etc. Good understanding of ITIL processes, specifically Incident, Change, Problem, Service Request, and Escalations.
• Experience in understanding log types and log parsing.
• Experience in vulnerability assessment and penetration testing using industry-standard tools such as vulnerability scanners, e.g. Qualys, Nexpose, Tenable, Nmap, Burp Suite, ZAP, OWASP tools, Kali Linux tools, and fuzzing tools.
• Deep understanding of TCP/IP network protocols and understanding of network security and popular attack vectors.
• Strong foundation and in-depth technical knowledge in computer security, network security, cryptography, and/or similar fields.
• Good understanding of regex and SQL queries, and experience in parser development for unsupported log sources and custom applications.

Personal Attributes:
• Strong written and oral communication skills.
• Leadership skills & comfortable working in shifts.
• Team player able to work effectively at all levels of an organization, with the ability to influence others to move toward consensus.
• Strong situational analysis and decision-making abilities.
• After-hours availability required.
• Detail oriented with strong organizational and analytical skills.

- ID: #49026833
- State: Georgia Alpharetta 30004 Alpharetta USA
- City: Alpharetta
- Salary: $50 - $60
- Job type: Contract
- Showed: 2023-02-05
- Deadline: 2023-04-04
- Category: Et cetera