Sr. Principal Info Security Analyst

8 - 10 years experience

Salary depends on experience
Posted on 03/27/18
Herndon, VA

Responsibilities:

  • Collect data and context necessary to analyze and triage alerts.
  • Create tickets to document investigations.
  • Determine criticality of incident.
  • Act as an escalation point for junior analysts.
  • Perform in-depth analysis and end-to-end investigations, from detection to remediation.
  • Conduct incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, remediation efforts, and compile detailed investigation reports.
  • Act as scribe during critical incidents.
  • Operate as Incident Handler during critical incidents.
  • Develop new and provide feedback on existing SIEM use cases.
  • Evaluate existing technical capabilities and systems to identify opportunities for improvement.
  • Maintain Standard Operating Procedures.
  • Develop security training programs to advance analyst skills and knowledge.
  • Perform threat hunting activity independent of standard event alert channels.
  • Collaborate with cross-functional business units to advance security operations goals.

Qualifications:

  • Minimum 8 years of comparable experience.
  • Experience and background in cybersecurity operations and incident response.
  • Experience working in fast paced environments with the ability to manage workload during times of stress or escalated activity.
  • Comfortable with impromptu tasking and loosely defined requirements.
  • Excellent interpersonal, organizational, communication, and writing skills.
  • Detail oriented with excellent analytical and investigative skills.
  • In-depth technical knowledge in at least two of the following: Windows disk and memory forensics, Unix or Linux disk and memory forensics, network traffic analysis, static and dynamic malware analysis.
  • Solid understanding of IT operations, such as help desk, end-point management, and server management.
  • Strong understanding of security operations concepts, such as perimeter defense, BYOD management, data loss protection, insider threat, adversary lifecycle analysis, risk assessment, and security metrics.
  • Clear understanding of adversary motivations, such as cybercrime, hacktivism, cyber espionage.
  • Good understanding of basic cyber-intelligence techniques.
  • Understanding of basic computer science concepts, such as algorithms, data structures, databases, operating systems, networks, and tool development.
  • Proficient with Splunk.

