• Cyber Defense Analyst

    Insight Global, Washington, DC 20080

    Job #2756871962

  • Job Description

    Executes decision-making authorities and establishes cyber incident response direction for organization and cyber defense fusion operations.

    Single Point of Contact (SPOC) when a cybersecurity incident is declared.

    Manages Cybersecurity incident response lifecycle during a cybersecurity incident.

    Provides Cybersecurity Incident After-Action Reporting.

    Analyze the cybersecurity incident data, determine the impact of the incident, and classify or reclassify the cyber incident category, impact, scope, severity, or appropriate response procedures.

    Gathers information regarding cybersecurity incident, catalogs, and maintains the integrity of collected data for evidence.

    Provides escalation support for Cyber Command Center Analyst and Cyber Incident Coordinators.

    Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy

    Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

    Conduct real-time analysis using the SIEM, Cloud, Endpoint and Network based technologies, and other security analytics tools, with a focus on identifying anomalous activity and security events/alerts and ruling out false positives

    Hourly Rate: 30-35/hr

    Salary: 50-70k

    We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ~~~ .

    To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: ~~~/ .

    Skills and Requirements

    One to two (1-4) years of experience in network defense environments

    An industry technical certification such as Security + and above.

    1 - 3 years of experience with tools such as Active Directory, Azure Active Directory, AD Connect, SAML, Kerberos, Cisco IOS, MS Server, Azure cloud environments, Incident Handling, Threat hunting experience, fundamental knowledge of IEEE 7 layers

    Experience with deployment and documentation of enterprise project management and change management processes

    Ability to identify solutions to potential network issues/embrace network simplification and strengthened security

    Ability to conduct event triage and analysis and incident investigation

    Write threat reports and incident reports

    Read and ingest various govt. regulations for application to agency environment

    Understanding of command line scripting and implementation (e.g., Python, PowerShell)

    Ability to write latest content/searches/scripts (e.g., Create dashboards, Sentinel alerts, Python scripts, PowerShell scripts)

    Familiarity with differences in on-prem OPSEC in relation to cloud-based security

    Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)

    Ability to perform NetFlow / packet capture (PCAP) analysis

    Experience with cyber threat hunting
