Job description
Job Title: L3 Security Analyst
Location: Remote
Job Type: Full-time
Opportunity Details
Buchanan Technologies is currently seeking a Level 3 Security Analyst to perform a variety of duties in support of its growing Information Security program. Our environment is spread across the globe with office locations in Grapevine TX, Wichita KS, Mississauga Ontario, Charlottetown PEI, Sofia Bulgaria, and various remote users across the world. We also support many global customers.
The Analyst will have experience in many areas: compliance, incident response, and defense programs. The Analyst will have the opportunity to define and mature the security processes, and to receive cross-training from other members of the team working on other aspects of our security program.
The Analyst will work directly with internal leadership, peers, clients, and external auditors to manage a portfolio of SOC 2 audits from initiation through to completion. Sitting within the Managed Security team, this role requires a robust understanding of SOC 2 requirements, a wide range of security technologies, knowledge of how best to evidence control activity, and the ability to coordinate walkthroughs and sample collection across several stakeholders.
The Analyst, under the direction of the Director of Managed Services, assumes responsibility for data security, including the planning, design, and implementation of security measures that safeguard access to enterprise assets. The Analyst provides rapid response to our clients' requests for security assistance.
The Analyst secures enterprise information by determining security requirements; planning, implementing and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
Responsibilities
- Documents risk management processes and procedures and makes recommendations for improvement to management.
- Coordinates efforts with other InfoSec Analysts and team members to continually test and improve security.
- Reviews computer logs, messages, and reports to identify possible violations of security, gaps in controls, or deviations from compliance frameworks.
- Coordinates, documents, and reports on internal and external investigations of security violations.
- Interacts with customers to understand their security needs; assists in the development and implementation of procedures to accommodate them.
- Develops and tracks metrics to demonstrate compliance, adaptability, and effectiveness.
- Writes security status reports to provide system status, report potential and actual security violations and provide procedural recommendations.
- Performs network security monitoring and incident response for numerous clients.
- Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
- Provides analysis and trending of security log data from many heterogeneous IT security devices.
- Monitors and analyzes Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) platforms to identify security issues for remediation.
- Creates, modifies, and updates SIEM detection rules.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through thorough review and analysis of relevant event detail and summary information.
- Evaluates and deconstructs malware (e.g., obfuscated code) using open-source and vendor-provided tools.
- Communicates alerts to clients regarding intrusions and compromises to their network infrastructure, applications, and operating systems.
- Prepares briefings and reports of analysis methodology and results.
- Creates, reviews, and maintains standard operating procedures and similar process and procedure documentation, ensuring it stays up to date and standardized.
- Consolidates and conducts a comprehensive analysis of threat data obtained from classified, proprietary, and open-source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
- Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
- Assists entry-level SOC analysts to build stronger skills within the team.
- Complies with all mandated compliance requirements and ensures the enterprise’s security and privacy policies are followed.
- Enhances security team accomplishments and competence by planning the delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Verifies security systems by developing and implementing test scripts.
- Maintains security by monitoring and ensuring compliance with standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Upgrades security systems by monitoring the security environment; identifying security gaps; evaluating and implementing enhancements.
- Prepares system security reports by collecting, analyzing, and summarizing data and trends.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
- Establishes, maintains, and monitors all logon identifications and access rules, defining specific access to network, file, and database management systems, and consolidates disparate application security systems under one methodology.
- Recommends security software and its application to all storage device types and access to them.
- Establishes alternative security measures if needed to support disaster recovery efforts.
- Recognizes and identifies potential areas where existing data security policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion.
- Participates with vendors in the assessment of advanced data security systems.
Required Education and Qualifications:
- Strong technical knowledge of security tools (SentinelOne, ArmorPoint, Proofpoint, Barracuda, Forcepoint, Nessus, Qualys, ManageEngine, Infocyte, etc.)
- Willingness to learn and continually improve skills to ensure the success of the business and its objectives.
- Excellent analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members, and upper management
- Good understanding of cybersecurity incident response and network security monitoring
- Fundamental understanding of computer networking (TCP/IP), knowledge of Windows, Linux, and information security.
- 5+ years of experience in progressively more senior cyber security roles
- Experience in ticketing and monitoring systems
- Knowledge of common controls, technical implementation, and security processes.
- Experience with some or all of the following tools and technologies: cloud security with a focus on AWS and Azure; email security; next-generation IDS/IPS; operating systems; domain structures and digital signatures; firewall theory and configuration; security systems and implementation procedures; network software and hardware; and desktop packages such as Microsoft Word and Excel.
- Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
- Knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
- Knowledge of Endpoint Security enterprise platforms, threat hunting and SIEM technologies.
- Must be capable of passing a basic background investigation
- Excellent English written and verbal skills.
- After-hours availability required
Preferred Education and Qualifications:
- Bachelor's degree in Computer Information Systems or Cyber Security, or equivalent experience
- CompTIA Network+ Certification
- CompTIA Security+ Certification
- Certified Ethical Hacker Certification
- Information Security professional designations such as CISSP, CISM, CISA, CRISC
- Experience implementing, auditing, or consulting on SOC 2 in a medium to large organization.
Buchanan Technologies is fully committed to Equal Employment opportunities and to attracting, retaining, developing, and promoting the most qualified employees without regard to their race, gender, color, religion, sexual orientation, national origin, age, physical or mental disability, citizenship status, veteran status, or any other characteristic prohibited by federal or state law. We are dedicated to providing a work environment free from discrimination and harassment, and where employees are treated with respect and dignity and encouraged to be their authentic self.
Job Types: Full-time, Permanent
Pay: $105,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible spending account
- Health insurance
- Life insurance
- Paid time off
- Vision insurance
Compensation package:
- Yearly pay
Experience level:
- 5 years
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
Experience:
- Linux: 2 years (Preferred)
- Cybersecurity: 5 years (Required)
- AWS: 2 years (Preferred)
- Azure: 2 years (Preferred)
- Helix: 2 years (Preferred)
- Nessus: 2 years (Preferred)
License/Certification:
- CompTIA Security+ (Preferred)
- CompTIA Network+ (Preferred)
- CISSP (Preferred)
Work Location: Remote