Analyst - Security Analytics - Consider strong remote candidates

About the position As an analyst on our Security Analytics team, you will play a pivotal role in enhancing our organization's security posture. This role requires a blend of technical expertise, analytical skills and a keen eye for detail. The Security Analytics team is a core function of the Cyber Fusion Center, part of client Security Operations, responsible for proactively monitoring client attack surface and detecting active cyber threats. This proactive monitoring of client attack surface enables other Security Operations teams and associated stakeholders to drive remediation of identified risks. Analysts within Security Analytics define, develop and implement cyber monitoring use cases in the security monitoring solutions, maintain high availability of client monitored attack surface, and engage in and support advanced security research and investigation activities. Responsibilities • Coordination with infrastructure teams in the testing, implementing, deploying, maintaining, reviewing, and administering of monitoring infrastructure. • Develop content for monitoring infrastructure (SIEM, Netflow, etc.). This includes Uses Cases, Dashboards, Reports, Rules, Filters, and Trends. • Provide optimization for data flows using aggregation, filters etc. • Develop, maintain, and disseminate documentation (Playbooks, SOPs, Work Instructions) required to effectively maintain controls effectiveness and demonstrate return on investment. • Coordinate with Incident Response (IR), Threat Detection & Response (TDR), Threat Intelligence (TI) and Vulnerability management (VM) analysts to manage and administer the updating of rules and signatures (e.g., SIEM use cases and rules, traffic filtering, tuning, and maintenance) for monitoring of business-critical systems and applications. • Identify potential conflicts with implementation of monitoring tools within the Security Analytics area of responsibility (e.g., tool and signature testing and optimization). • Assist in identifying, prioritizing, and coordinating the monitoring of critical business infrastructure and key resources. • Communicate technical information to non-technical audiences and advises staff on Cybersecurity issues and approaches. Requirements • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. • Previous experience in Network monitoring platforms • Excellent analytical and problem-solving skills • Proven ability to act independently and to execute with limited information and ambiguity • Detail-oriented with the ability to promptly assess logs for accuracy as well as consistency • Strong interpersonal skills with the ability to influence others in a positive and effective manner • Ability to work in a team environment • Excellent communication skills; both oral and written Nice-to-haves • CISSP • GIAC Practitioner certifications etc. Apply tot his job