We are currently seeking a Cybersecurity Analyst III in Akron, OH for a contract to hire opportunity. Under the general direction of the Manager, Cybersecurity Operations, the Cybersecurity Analyst is responsible for performing the tasks that support incident detection, incident response, digital forensics, and threat intelligence capabilities across the organization.
Responsibilities:
- The Cybersecurity Analyst performs real-time cybersecurity event analysis and incident handling activities in order to identify, contain, and mitigate cybersecurity incidents relevant to the organization.
- The role conducts incident preparedness activities to ensure the organization is positioned to respond to cybersecurity incidents in a manner that maximizes the survival of life, preservation of property, and information security.
- The Cybersecurity Analyst is responsible for documenting cybersecurity incident activity from initial detection through recovery.
- The Cybersecurity Analyst performs cybersecurity incident triage tasks, including determining scope, urgency, and potential impact; identifies specific vulnerabilities exploited; and makes recommendations that enable expeditious remediation.
- The role performs command and control tasks to support interdepartmental virtual incident response team activities.
- The Cybersecurity Analyst performs digital forensics duties for the organization. Digital forensics duties entail investigations of computer-based incidents, establishing documentary evidence, including digital media and logs associated with cyber incidents.
- The Cybersecurity Analyst also operates the organization's threat intelligence capabilities which includes monitoring and developing cyber indicators to maintain awareness of the threat status across a highly dynamic operating environment.
- The role collects, processes, analyzes, and disseminates cyber threat alerts & warnings.
Requirements:
- Bachelor’s Degree or equivalent in Computer Science, Cybersecurity, IT, or Engineering or equivalent combination of education and/or experience.
- Seven (7) years information security experience
- Seven (7) years of IT related experience
- Experience working in a complex healthcare environment.
- Advanced knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- Advanced knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
- Advanced knowledge of incident response and handling methodologies.
- Advanced knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
- Advanced knowledge of cyber threats and vulnerabilities.
- Advanced knowledge of incident categories, incident responses, and timelines for responses.
- Advanced knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Advanced knowledge of processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
- Advanced knowledge of which system files (e.g., log files, registry files, configuration files) contain.
Certifications:
- CompTIA Security+ (or equivalent)
- GIAC Incident Handler (GCIH) (or equivalent)
- CompTIA CASP (or equivalent)
- Advanced knowledge of computer networking concepts and protocols, and network security methodologies.
- Advanced knowledge of front-end collection systems, including network traffic collection, filtering, and selection.
