Threat Detection & Response Analyst
Direct Hire or Contract to Perm
$80K – $100K + 6% bonus
100% remote now, 90% remote next year – 2-3 days onsite per month
We take security seriously. After all, we're in the business of connecting people to the things they do and love through our products, services, and technologies. Each of those delivery platforms depends on top-tier security, so we only enlist the best in the business to help protect our data and technology. Monitoring and responding to cyber threats is important, high-stakes work.
We are looking for a Threat Detection and Response (TDR) Analyst who will take on those responsibilities for our network and systems: collecting and analyzing threat intelligence, performing security monitoring, and conducting incident response, while reporting directly to our Senior Manager of Threat Detection.
It's a job that requires serious business knowledge and strong capabilities in technology and security. If you're looking for this kind of challenge, keep reading. We'll tell you what you'll do, what experience you'll need, and what you can expect from us.
What You’ll Do:
- Monitor networks, systems, and information assets for security events so you can detect cyber incidents early and minimize their impact on the organization.
- Detect and respond to incidents using SIEM, behavioral analytics, and network traffic analysis.
- Analyze log files from a variety of sources to identify potential threats to network security.
- Document and escalate cyber incidents that may have an immediate or ongoing impact on the environment.
- Respond quickly to mitigate the impact of cybersecurity incidents on the environment.
- Update scenario-based procedures, incident classifications, techniques, and guidance as required.
- Perform incident triage and make recommendations that allow for rapid remediation.
- Track and document cybersecurity incidents from first detection through final resolution.
- Keep up with the latest trends in threat intelligence, security monitoring, and incident response, and collect data from subscription and open-source feeds.
- Watch for changes in threat actor dispositions, activities, tactics, capabilities, and objectives related to our designated cyber operations warning problem sets, and report on them regularly.
- Operate within a proactive threat intelligence and active defense program: collect and analyze threat intelligence data, then turn it into information that supports decisions at the operational and strategic levels.
Who You Are:
As you've seen, this job requires someone who is at the top of their security game. Because it's such a critical role, there are more than a few requirements that will tell you whether you're on track for this opportunity:
- 3+ years of technical experience in the Information Security field
- Experience writing, reviewing, and editing cyber-related intelligence and assessment products drawn from multiple sources
- Experience triaging security events in a security operations environment using a variety of tools, including QRadar
- Experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, and antivirus, anti-spam, and anti-spyware solutions
- Familiarity with conducting incident response activities and seeing incidents through to successful remediation
- Experience with a programming or scripting language such as Python, Perl, or similar
- Rock solid when it comes to sourcing data used in intelligence, assessment, and planning products, and always thorough and accurate
- Borderline guru when it comes to computer networking concepts and protocols, and network security methodologies
- Deep knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions, and a solid understanding of network traffic analysis methods, including packet-level analysis
- Experience with network security architecture concepts, including topology, protocols, components, and principles
- Good understanding of the stages of a cyber attack, as well as malware analysis concepts and methodologies, and the ability to confidently apply incident handling methodologies
- Proficiency with common cybersecurity management frameworks, regulatory requirements, and industry-leading practices
- Certifications are preferred but not required; if you don't already hold one of the following, you'll be expected to obtain one within your first 12 months: CISSP, CEH, or one of the SANS certifications GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, or GXPN
- On top of all this expertise, you also bring some super strong skill sets, including process execution, time management, and organizational skills, as well as an admirable work ethic, leadership, initiative, and ownership of your work
- Ability to communicate in a confident and well-organized manner, whether verbally, in writing, or visually
- BS in Computer Science, Information Systems, Engineering, or a similar field.
- Experience with endpoint security agents (Carbon Black, CrowdStrike, etc.), as well as network forensics, the associated toolsets (Suricata, Wireshark, PCAP, tcpdump, etc.), and analysis techniques
- Experience with host-based detection and prevention suites (Microsoft SCEP, OSSEC, etc.)
- Understanding of log collection and aggregation techniques and tooling: Elasticsearch, Logstash, Kibana (ELK), syslog-ng, Windows Event Forwarding (WEF), etc.
For immediate consideration please contact Denise Wicks at DWicks@SynergisIT.com or call 770-346-7205.
Synergis serves a myriad of clients across nearly all industries, from start-ups to Fortune 100 companies. The outcomes of these relationships are demonstrated in a growing list of more than 300 clients and industry recognition by Inc. magazine and the Atlanta Business Chronicle. Since its founding in 1997, Synergis has been successfully recruiting and placing IT professionals in all areas of information technology for over 20 years. For more information about Synergis, please visit the company website at www.synergishr.com.
Synergis is an Equal Opportunity/Affirmative Action employer.