Our client based in Dallas-Fort Worth is seeking a Mid-level Cybersecurity Analyst to join their team for a 12+ month long-term engagement. You will also have the opportunity to work a hybrid schedule of 3 days onsite/2 days remote.
Leverage the latest technology to solve business problems in a collaborative environment at this Fortune 500 transportation giant. Top technical resources are retained on long-term contract engagements.
Experience
3-5 years of experience preferred
Required Skills
- Critical thinking and analysis
- Strong sense of ownership / Highly curious
- Able to work independently with minimal direction
Typical Duties And Responsibilities
- Standard 3 days on site / Travel occasionally for 2 nights
- Maintain documentation
- Support enterprise logging and analysis solutions
- Analyze log files for suspicious activity / Analyze event data for suspicious patterns
- Analyze log sources, assess threats, and define alerting criteria
- Develop log policies by creating rules, setting thresholds, and prioritizing alerts based on impact and urgency
- Work with IR Engineering to configure data ingestion and detection rules, and fine-tune detection
- Work with CIRT to configure incident creation, explore opportunities to enrich incident data, and assign incidents to CIRT teams
- Review policies regularly, address false positives/negatives, and stay updated on technology
- Data extraction / Reporting
- Note: this is not an Incident Response role
Desired Skills (proficient)
- Windows 10 / Windows Server 2019
- Linux Ubuntu 2018
- Scripting (PowerShell, BASH, Python, etc.)
Desired Skills (familiar)
- MySQL
- Anvilogic
- FluentBit
Desired Certifications
- CompTIA Security+, Certified Information Systems Security Professional (CISSP)
Posted By: Cate Novak