Job Title Information Security Operations Analyst [REMOTE]
Location – San Diego, CA
Duration 12+ Months Contract
Total Hours/week – 40.00
1st Shift
Client: Medical Device Company
Job Category: Operations
Employment Type: Contract on W2 (Need US Citizens Or GC Holders Only)
No H1bs
Temp to hire
Remote position
Video interviews
Must haves on the resumes: previous Monitoring and Detection experience and any tool usage (Splunk, SIEM, Sentinel, etc.)
Description:
This person has experience detecting and responding to information security incidents, maintaining and following procedures for security alerting, and supporting security investigations. You are comfortable performing activities around monitoring, researching, classifying, and analyzing security events that occur on our hosted solutions platform.
This person has experience assisting with network analysis, intelligence tools and working across a matrixed environment to assess indicators and triage risk. You are comfortable providing fact-based reports to various levels of the organization within a fast-paced environment. You have previous SOC and Security Information Event Management (SIEM) experience, understand the fundamentals of reducing attack surfaces, and possess effective analytical skills.
Key Responsibilities (Top Tasks & Outcomes for Which This Position Will be Accountable)
Perform network security analysis and log-centric analysis using a SIEM and other security tools
Monitor intrusion detection systems and identify host- and network-based intrusions via intrusion detection technologies
Triage alerts, collect data (e.g. full packet capture, application server logs, etc.) and diagnose observed activity
Recognize threats and conduct analysis on those threats
Provide written analysis of findings to communicate potential risks and impact in detailed reports
Understand and report attacker Indicators of Compromise (IOCs)
Analyze large volumes of network data for specific patterns or anomalies, to trend network activity
Provide attack surface management training and development
Manage risk reporting and escalation to cross-functional teams in a cooperative manner
Must be able to work a flexible schedule, as needed, within a 24/7 Security Operations Center
Other responsibilities as necessary
Perform risk identification and triage with incident management
Assist with additional projects as needed
Skills and Knowledge Required
Strong communication and project management skills
Ability to understand internal controls and apply them to evaluate security and business processes
Requires a highly motivated, dynamic and customer-centric associate who thrives in a challenging and changing environment
Ability to prioritize projects based on importance and urgency
Effective meeting management and group facilitation skills
Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance, preferred.
Experience
2-3 years' experience in a full-time security operations role
Educational
A minimum of a bachelor's degree is required. The ideal candidate will have a degree in computer science, communication, or another technical discipline.
Knowledge, Skills & Abilities
In-depth knowledge of computer operating systems, including Windows, iOS and Linux, a plus
Experience with intelligence tools and applications such as networking, firewalls and Azure a plus
Knowledge of healthcare rubrics for vulnerability scoring and ATT&CK surface framework
Detail-oriented with the ability to promptly assess documents for accuracy as well as consistency
Strong interpersonal skills with the ability to influence others in a positive and effective manner
Ability to work in a team environment
Excellent communication skills; both oral and written
Preferred Certifications: CERT Certified Computer Security Incident Handler, CISSP, HCISPP
Keywords: iOS, Operations Analyst, Intrusion Detection System (IDS), Teamwork, Splunk, Incident management, Analytical skills, Establishing interpersonal relationships, SIEM, Incident response, Network security, Azure, Detection, Crisis Management, Linux, Information security, Certified Information Systems Security Professional (CISSP), Windows, Monitoring, Firewalls, Sentinel, Network analysis, Project management