Position: Cyber Security Analyst II
Location: Seneca Falls NY
Remote Option: No
Travel: None
Citizenship Status: Position requires access to controlled documents; American Citizenship or Permanent Green Card Status is required
Relocation: Relocation packages available
Education: HSD/GED is required, Ethical Hacker Certification is required
Experience: 2+ years' experience in a similar enterprise-sized role is required. Ethical Hacker certification is required
Our work depends on a Cyber Security Analyst joining our team to support our global enterprise-sized organization activities. At ITT, people are our differentiator. As a Cyber Security Analyst supporting our CSOC team, you will be trusted to work on the latest technologies for Vulnerability Management and Reporting, Security Event and Information Management (SIEM), Next Generation Firewall, Enterprise Detection and Response (EDR), Web Application Vulnerability Scanning, and Forensic Imaging.
Who you are:
A Cyber Security professional and threat hunting enthusiast who is seeking opportunities to evolve his/her craft by understanding the latest cyber threats and helping an enterprise-sized organization identify intrusion in its environment. In order to do this effectively, you leverage cutting-edge Security Information and Event Management (SIEM) data analytics, as well as network/endpoint detection and response technologies for investigating any malicious activity in on-prem and cloud environments.
Hunt threats, perform monitoring and security incident triage through the review of SIEM events, network traffic data collection, endpoint activity logs.
Identify and collect data associated with initial security investigation findings.
Detection, monitoring, analysis, escalation of security incidents and Intrusion Detection with documentation and tracking of investigations to resolution, along with creating security alert notifications to stakeholders.
Incident handling and response with escalation as needed on any investigations requiring advanced analysis of security incidents.
Analyze network traffic and intrusion alerts; discern false positives
Splunk and Splunk UBA tuning
File/link analysis and immunization against those types of attacks
Here's what you need:
Minimum 2 years of Security Analyst experience in an enterprise environment with an ability to defend an enterprise globally
Education: minimum HSD/GED required; Certified Ethical Hacker Certification is REQUIRED
1 year of Carbon Black experience preferred (antivirus solutions)
Experience with common and uncommon security tools and suites (Kali Linux, Metasploit, Hydra).
Disk and memory forensics experience.
Strong analytical and technical capabilities, and excels in critical thinking.
In-depth architecture knowledge of Splunk is preferred
Strong MITRE ATT&CK framework knowledge
Network ports and protocols
Vulnerability assessment tools (Nessus, Nmap)
Scripting for automation (Python, PowerShell, APIs)