Splunk Analyst - FS Poly

Job description:

As a Security Analyst, you will be responsible for the operationalization of new security platforms in order to enable the Security Operations Center to stay ahead of emerging and current threats. They will utilize data analytics, threat intelligence, and your experience to leverage new and existing technologies to build the use cases that drive security analytics and incident response. They will get hands-on with new and exciting technologies to help drive the direction of security capabilities.

Security Analyst Job Responsibilities:

• Developing and maintaining security monitoring and response processes.
• Doing incident analysis in detail and solution mapping with the knowledge base
• Ensuring quality call handling and call escalation by adhering to SLA
• Responsible for SOC tool's monitoring, maintenance and licenses management
• Development of Use cases design, reports analysis, and further enhancement
• Proactively reviewing and operationalizing threat intelligence in order to create alerts to detect techniques, tactics, and procedures employed by threat actors
• Responsible for Incident management and change management process handling
• Maintaining current knowledge and understanding of the threat landscape and emerging security threats.
• Sharing knowledge and providing training to Level-1
• New devices integration and use cases creation
• Using Threat Intelligence to identify infected/affected systems and the scope of the attack
• Responsible for advanced Threat hunting and forensics
• Tracking, reporting, and controlling incident communications with other teams

Required Candidate profile Security Analyst Qualifications/ Skills:

• Having an understanding of SOC and Incident Response practices and methodologies.
• Expertise using one or more SIEM products Splunk, ArcSight, Qradar etc
• Expertise in troubleshooting technical issues in Splunk SIEM solution
• Technical knowledge of networking protocols and Internet security
• Experience with endpoint security analysis on Windows, Mac, and Linux event data and related tools.
• Understanding of security technologies, including UEBA, SIEM, IDS/IPS, firewalls, endpoint security, content filtering, and packet inspection
• Understanding of cloud computing and security issues related to cloud environments
• Analytical skills and ability to identify advanced threats
• Good knowledge and experience with threat hunting and forensic analysis
• Root cause analysis experience, getting to the root cause, problem-solving
• Good knowledge of Windows and Linux
• Strong written communication skills and presentation skills

Security Analyst Preferred Certification:

• Graduate: BE/BTech or equivalent
• Network+/Security+/CEH/GCIH
• SIEM technology certified (one or more): ArcSight, Qradar, Splunk, etc.
• Splunk Core Certified Advanced Power User will have added advantage
• CHFI certification will have added advantage

Apply for this job

First name

Last name

Email address

Location

Phone number

Resume

Attach resume

Attach another file

Attach file

What are your hours of availability?

monday
tuesday
wednesday
thursday
friday
saturday
sunday

What are your salary requirements?

Are you willing to relocate?

What is the highest level of education you’ve obtained?

Are you authorized to work lawfully in the United States for Ampsight, Inc.

We invite you to complete the optional self-identification questions below used for compliance with government regulations and record-keeping guidelines. Any self-identification information provided will not be considered in the selection process.

GENDER

VETERAN STATUS Learn more about veteran statuses

If you believe you belong to any of the categories of protected veterans listed below, please indicate by selecting the appropriate category(ies). The hiring employer is subject to the Vietnam Era Veterans' Readjustment Assistance Act of 1974, as amended by the Jobs for Veterans Act of 2002, 38 U.S.C. 4212 (VEVRAA) and requests this information in order to measure the effectiveness of the outreach and positive recruitment efforts it undertakes pursuant to VEVRAA.

DISABILITY STATUS Learn more about disability statuses

We are required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.