Prosyntix is currently recruiting for a full-time Security Analyst role with a financial company based in Charlotte, NC. This role will monitor network security systems and identify potential cybersecurity threats. Reporting to the Leader of Cybersecurity Technology, the IT Security Analyst will be part of the Incident Response Team, which leverages multiple security technologies and resources to identify, investigate and respond to cybersecurity threats facing the corporate SaaS cloud environment.
This role will have the option to work 100% remotely or utilize the Charlotte office. The only requirement is that the candidate be comfortable working EST work hours.
• Monitor and identify cybersecurity / information technology related incidents that involve enterprise systems and data including personally identifiable information (PII).
• Detect, investigate and report cybersecurity incidents.
• Maintain and enhance the vulnerability testing and remediation process.
• Create cybersecurity reporting metrics, dashboards and scorecards.
• Help improve the overall security posture by independently verifying the security of enterprise systems, and ensure the timely dissemination of security information to the appropriate stakeholders.
• Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, anti-malware alerts, Host Intrusion Prevention System (HIPS) alerts, and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
• Collaborate with SaaS support partners to ensure processes and controls are operating as designed.
• Work with SaaS support partners to provide effective incident response (IR).
• Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, Orchestrator logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents.
• Develop and maintain playbooks to help analysts respond to cyber threats.
• Provide guidance and leadership for on-site investigations and forensics.
• Maintain chain of custody in accordance with incident handling procedures and in compliance with NYDFS and other applicable regulations and frameworks.
• Collaborate across organizational lines through participation in regular IR working group sessions.
• Develop advanced runbooks and automation based on reporting and response measurements.
• Support data protection tools, processes and Managed Security Service Providers.
• Monitor security threat feeds, articles, and reports to remain up to date on the latest security risks, threats, and technology trends.
Essential Business Experience and Technical Skills:
• Bachelor's degree or equivalent experience.
• Excellent verbal and written communication skills.
• Knowledge and understanding of cybersecurity industry best practices.
• Knowledge of SaaS cloud security and services including O365 and Azure.
• Knowledge and understanding of vulnerability identification, remediation and reporting.
• Knowledge of the NIST and MITRE ATT&CK frameworks.
• Knowledge of and experience with security threat detection and endpoint security.
Preferred Information Security certifications:
• CEH - Certified Ethical Hacker
• ECIH - Certified Incident Handler
• EC Council Certified Security Analyst