Sr. Principal Info Security Analyst

Symantec   •  

Herndon, VA

8 - 10 years

Posted 263 days ago

This job is no longer available.

Responsibilities:

  • Collect data and context necessary to analyze and triage alerts.
  • Create tickets to document investigations.
  • Determine criticality of incident.
  • Act as an escalation point for junior analysts.
  • Perform in-depth analysis and end-to-end investigations, from detection to remediation.
  • Conduct incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, remediation efforts, and compile detailed investigation reports.
  • Act as scribe during critical incidents.
  • Operate as Incident Handler during critical incidents.
  • Develop new and provide feedback on existing SIEM use cases.
  • Evaluate existing technical capabilities and systems to identify opportunities for improvement.
  • Maintain Standard Operating Procedures.
  • Develop security training programs to advance analyst skills and knowledge.
  • Perform threat hunting activity independent of standard event alert channels.
  • Collaborate with cross-functional business units to advance security operations goals.

Qualifications:

  • Minimum 8years of comparable experience.
  • Experience and background in cybersecurity operations and incident response.
  • Experience working in fast paced environments with the ability to manage workload during times of stress or escalated activity.
  • Comfortable with impromptu tasking and loosely defined requirements.
  • Excellent interpersonal, organizational, communication, and writing skills.
  • Detail oriented with excellent analytical and investigative skills.
  • In-depth technical knowledge in at least two of the following: Windows disk and memory forensics, Unix or Linux disk and memory forensics, network traffic analysis, static and dynamic malware analysis.
  • Solid understanding of IT operations, such as help desk, end-point management, and server management.
  • Strong understanding of security operations concepts, such as perimeter defense, BYOD management, data loss protection, insider threat, adversary lifecycle analysis, risk assessment, and security metrics.
  • Clear understanding of adversary motivations, such as cybercrime, hacktivism, cyber espionage.
  • Good understanding of basic cyber-intelligence techniques.
  • Understanding of basic computer science concepts, such as algorithms, data structures, databases, operating systems, networks, and tool development.
  • Proficient with Splunk

41628