Sr. Security Analyst

Presidio   •  

Glastonbury, CT

Industry: Professional, Scientific & Technical Services


5 - 7 years

Posted 32 days ago

The Presidio Managed Services Senior Security Analyst isresponsible for monitoring, analysis, triage and remediation ofsecurityevents collected by our Security Information and Event Management (SIEM) platform. To be successful in this role, you will be well-versed insecurityarchitecture; possess a deep knowledge of current and emergingthreats; able to developrisk mitigation strategiesrequired to protect the confidentiality, integrity and availability of information systems and client data and proficient atworking withinternal business units and vendors to resolve issues and develop efficient and effective action plans.

Job Responsibilities:

  • You will monitor client environment for incidents and malicious activity
  • Analyze securityevents and identify relevant incidents
  • Utilize service delivery toolset to generate incidents requiring client escalation
  • Perform packet analysis and analyze network traffic for securityevents
  • Generate high quality reports
  • Coordinate with security SME while providing incident handling and response support
  • You will train, mentor and develop junior security analysts
  • Work with and provide remediation and improvement recommendations to clients
  • Contribute to process improvement and efficiency

Job Requirements:

  • We seek a Bachelor’s Degree in a related field from an accredited school or equivalent work and/or military experience
  • We seek two of the following security certifications: GIAC-Any, CISSP, CEH, OSCP, CAS-P or other security related certification
  • We seek a minimum of 5+ years related experience
  • You have previous experience with well-known information security related tools such as Wireshark, NMAP, TCPDump
  • We seek a detailed knowledge of common attack methodologies, tactics and protocols
  • You possess a strong foundation in networking fundamentals with a deep knowledge of TCP/IP and other core protocols
  • Working knowledge of common network based services and common client/server applications
  • You have excellent communications and interpersonal skills
  • You have a solid track record of being self-motivated to learn and thrive on challenges
  • You have the ability to work in a dynamic 24/7/365 shift environment

Preferred Skills:

  • We ideally seek experience working in a Managed Services Security Provider (MSSP)
  • You have previous experience with enterprise level security incident/event management tools such as Intel Security ESM, HP ArcSight or IBM QRadar, LogRhythm
  • We seek prior experience with vulnerability scanning tools such as Nessus or Security Center
  • Ideally, you have 1 year of experience utilizing SIEM platforms
  • Ideally, 3+ years’ experience maintaining, utilizing, and troubleshooting Cisco ASA/PIX Platforms
  • You possess 3+ years’ experience maintaining, utilizing, and troubleshooting HP TippingPoint, SourceFire, or Cisco IDS/IPS Platforms
  • You have 3+ years’ experience maintaining, utilizing, and troubleshooting Palo Alto Platforms
  • We seek 3+ years’ experience maintaining, utilizing, and troubleshooting Cisco IronPort
  • We seek 3+ years’ experience maintaining, utilizing, and troubleshooting FireEye Product line