Cyber Security Analyst – All Covered – Anaheim, CA


Job Title: Cyber Security Analyst Area of Interest: Managed IT Services

Department: 960000 – All Covered

City: Anaheim

State: California

Job Description: Role Summary:
The Cyber Security Analyst will support proactive 24 x 7 monitoring of the information environment to detect, analyze, track, and mitigate external threats utilizing a multi-tenant security information and event management system (SIEM) and other tools used to provide managed security services. The Cyber Security Analyst is well versed in numerous security technologies, understands the motivations and capabilities of Advanced Persistent Threat actors and can communicate risks and make recommendations associated with specific network threats. You will support the Network Operation Center (NOC), Remote Support Center (RSC) and field engineering personnel in the mitigation and remediation of host and network based vulnerabilities.

Duties and Essential Role Functions:
Technical:
Evaluate security solutions and monitor various Security blogs, alerts and notifications, RSS feeds and forums in order to keep abreast of the latest security news, attacks, threats, vulnerabilities and exploits

Review and analyze data and network traffic from numerous security tools such as full packet captures and security device logs in order to detect traffic anomalies, identify infected systems and determine lateral movement of infections across the network

Contribute to incident response, maintaining relevant communication in emails, ticket summaries, analysis and reporting. Work with Incident Handlers to provide recommendations for remediation of compromised systems and any relevant counter-measures

Coordinate with security vendors to ensure detection signatures are updated to detect files that have made it past current e-mail and network security appliances

Conduct basic static and dynamic malware analysis

SMTP Header analysis and e-mail routing behaviors

Review, create or document standard operating procedures, recommendations, project specific documents and resource guides as needed Qualifications: Qualifications:

3+ year’s Cyber Security Incident Response, Security Operations Center and/or Attack Analysis in a large, mission-critical environment with a background in the following:

  • In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
  • Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
  • In-depth network security expertise including firewall, IDS and IPS
  • Understanding of a variety of security tools including firewall logs, intrusion detection systems, windows logs, event management, packet capture, packet sniffing technology.
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
  • Static and dynamic malware analysis experience
  • Knowledge in use of various Malware Sandbox environments
  • Digital forensics experience focusing on Windows systems from a malware perspective
  • Knowledge of enterprise systems and infrastructure
  • Proven understanding of log parsing and analysis at a large scale with data clustering tools or techniques
  • Experience with a scripting language such as Perl, Ruby, Python, and BASH

Bachelor’s Degree in Computer Science or related field

Master’s Degree in Engineering, Business Management, or Technology related fields a major plus

People skills:
Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.

Able to work under pressure in time critical situations.

Process Skills:
Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.

Detailed knowledge of current international best practices in the incident response arena.

Communication Skills:
Excellent written and verbal communication skills are required.

Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman’s terms.

Certifications:
Industry standard information security and incident response certifications (CISSP, GCIA, GCIH, GREM, etc) are a plus.

Memberships and participation in relevant professional associations.

Konica Minolta offers:
Competitive compensation program.

Outstanding benefits package (including medical, dental, life insurance).

401(k) plan with matching company contribution.

Excellent holiday/vacation plans.

Tuition reimbursement.

Employee Referral Bonus Program.

Ongoing training opportunities.

Visible, exciting work supporting the sales of cutting edge technology and workflow solutions.

KMBS is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.



Source link

Tags:

Leave a Reply