Security Analyst
NEW YORK-10001, NY, US
11/29/2016
Required Skills
Microsoft Windows systems
Company
Infinity Consulting Solutions, Inc
Experience
Job Description
Lead Investment Bank is seeking a Security Threat Analyst
This is a technical role in which the individual will validate escalated events of interest as security events or low-severity incidents, working to resolve them or escalate further as appropriate.
This individual will also assist in continuous improvement of processes, as well as assisting in improvement of alerts, rules, triggers and thresholds in SIEM and incident monitoring systems.
This position requires a deep technical understanding of security incidents and alerts, network models and equipment, and must be well versed in security technologies and tools, industry trends, as well as general incident response processes and methodologies.
Responsibilities:
Utilize detective controls to develop rules and alerts to drive security monitoring. Validate and categorize escalated IT security events.
Perform initial remediation or further escalation as appropriate.
Enrich events of interest with additional logs, packet captures, and other contextual detail as required.
Profile and trend events in the environment for potential incidents.
Receive and analyze network alerts from various sources within the firm and determine possible causes of security alerts.
Recommend, test, tune and implement SIEM rules in Splunk and other tooling correlation rules.
Identify false positives from alerting, optimize alerting, and perform incident response, triage, incident analysis and remediation tasks.
Assist in the improvement of the detection, escalation, containment and resolution of incidents.
Assist in the enhancement of existing incident response methods, tools, and processes.
Required Skills:
Bachelor's degree in computer science, management information systems, or a related field preferred.
5+ years of information security experience.
2+ years in incident analysis, security architecture, malware research, Security Operations Center (SOC) duties, or similar experience is required.
Must be able to use Splunk and help in the creation of dashboards and integrations.
Deep technical understanding of TCP/IP, SSL, exploit kits, DNS, and overall network architecture.
Experience with network forensics tools and methodologies.
Computer security incident investigation and response experience.
Experience investigating common types of attacks.
Log analysis and experience reviewing security events.
Packet analysis and deep understanding of network protocols and traffic analysis.
Working experience with analysis and inspection of log information, packets, and other security tool information output from a variety of sources.
Working experience with network devices, Microsoft Windows systems, UNIX systems and security products.
Familiarity with basic reverse engineering principles.
Excellent problem-solving, collaboration, and communication skills.
Desired Skills:
Experience working within a fusion center, security operations, incident management, or command center environment.
Knowledge of multiple operating systems (Windows, Linux, OSX).
Security product assessments.
Host and network forensics.
Security tools development.
Third Party Applications Not Accepted
Security Analyst
Information Technology
No Preference
Contract Only
Other
1
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US