DirectDefense Security Analyst - Night Shift in Denver, Colorado
• Monitoring and analyzing logs and alerts from a variety of different technologies (IDS/IPS, Firewall, Proxies, Anti-Virus, SIEM, etc.), across multiple platforms
• Assessing the security impact of security alerts and traffic anomalies on networks
• Creating comprehensive security write-ups that articulate security issues, analysis, and remediation techniques
• Escalating and explaining security incidents
• Maintaining a strong awareness and understanding of the current threat landscape
• Conducting research on emerging security threats
• Monitoring information security alerts through the use of SIEM to respond, triage, and escalate as needed
• Reviewing and responding to security events that are detrimental to the overall security posture; analyzing and detecting sophisticated and nuanced attacks, discerning false positives
• Performing day-to-day security log review and analysis in adherence with SOX & PCI requirements, as well as industry security best practices
• Performing technical analysis of network activity; monitoring and evaluating network flow
• Reporting, escalating, and remediating anomalous events based on the established protocol
• Participating in root cause analysis of critical events to improve preventative and reactive processes
• Working with senior leadership to tune and maintain the SIEM (Security Information and Event Management) as needed; developing SIEM use cases to enhance monitoring capabilities
• Gathering and responding to all assessment/audit requests for information
Must be willing to work night shifts. Hours are 7pm-5am 4 days a week.
• 1 – 3 years of IT experience, preferably in IT security and/or network infrastructure
• Strong working knowledge reviewing IDS, Firewall, and other security logs
• Experience with monitoring Security Information and Event Management (SIEM) solutions and analyzing SIEM data
• Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
• Understanding of Anti-Virus solutions, Intrusion Detection/Prevention Systems, Firewalls, Vulnerability Assessment tools, Web Proxies, and Active Directory
• Well versed in network protocols
• Well versed on the latest attacks, vulnerabilities, and trends associated with cybersecurity
• Excellent communication skills with the ability to provide the appropriate level of detail (verbal and written) to both technical and non-technical personnel