Cybersecurity Defense Analyst

Company: Epsilon, Inc.
Location: Greenville
Posted on: November 16, 2021

Job Description:

Cybersecurity Defense Analyst-- -Security Clearance required: Must be able to pass a federal background investigation and obtain a Public TrustLocation: Greenville, SC-- -Position Summary: The Cybersecurity Defense Analyst will provide analyze and conduct cyber network defense on events that occur within IT environments within the area of responsibility for the purposes of mitigating threats. This position is part of 24x7x365 Cybersecurity Operations Center (SOC) responsible for the overall security of Enterprise-wide information systems, data and networks. The SOC's objects are to protect, detect, respond, and remediate Information Security (IS) threats to the Enterprise and associated systems. During operations you will perform continuous monitoring on IT systems, network & asset intrusion detection, and proactive & reactive defense techniques in efforts to safeguard IT data. Additionally, you will assist other members with tasks relating to digital forensics, legal investigations, information gathering, IT troubleshooting, and threat landscape gap analysis.-- -Position Responsibilities: Ability to bring actionable insight during early IT planning phases; highlighting compliance & configuration improvements which can be applied before IT assets & data are live on the enterprise network. Provide Support for installation, configuration, patching, and day-to-day administration and maintenance of cyber managed services & tools, including: Intrusion Detection System (IDS) Vulnerability Management Systems SIEM SOAR EDR AV IT Service Intelligence Systems (ITSI) Proxy Services Certification Authority Services Threat Intelligence Platforms Data Loss Prevention (DLP) Ability to analyze security events, threat signatures, correlated search algorithms, external threat intelligence and recommend and/or apply security practices aimed at minimizing the threat to the organization(s) the SOC services. Conduct continuous monitoring, evaluate the risk, apply priority & urgency based on the asset & identity, and identify security gaps within the enterprise. Perform network (LAN & WLAN) collection tactics, techniques, and procedures to include decryption capabilities/tools. Ability to interpret the information collected by network services & tools (e.g., Splunk, SNORT, Syslog, Wireshark, nmap, nslookup, Tenable, EDR) Provide proactive defensive techniques that prevent threats based on packet signatures, threat intelligence, correlated data events, alerts, and security events in relation to improving & securing confidentiality, integrity, availability, authentication, and non-repudiation. Provide briefs, documentation, and reports for the network health, current enterprise threat landscape, and Indicator of Compromise (IoC) to internal & external organization(s) delivered to the daily, weekly & monthly presentations. Ability to accurately & completely source all data used in IT intelligence, assessment and/or planning products.Essential Skills, Experience, and Certifications:Required Experience: Must have an DOD 8570 IAT Level II, or higher, recognized Cyber Security certification such as: Security+ Ce, CCNA Security, CySA+, GSEC, CASP, CCNP Security, CISSP, Etc. Must have flexible scheduling availability, as the CSOC conducts 24x7x365 operations and has rotating shifts. Experience with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, etc) Experience with cybersecurity tools (e.g., SIEM, SOAR, EDR, AV, IDS, IPS, NGFW) A good understanding of the OSI Model Practiced in well written technical documentation & clear communicationDesired Experience: Experience with Splunk Enterprise Experience with Palo Alto Networks products (e.g., Cortex XDR, Cortex XSOAR, PANOS) Experience with at least one of the following: Red Hat Enterprise Linux IT administration for OSX & iOS assets Microsoft OS Knowledge in Cloud Architecture Azure AWS Experience with Infrastructure as Code Platforms Ansible CloudFormation HashiCorp Suite Physical Demands and Work Environment:The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Physical Demands: While performing the duties of this job, this position requires the ability to sit for potentially long periods of time throughout the workday. Hearing sufficient to understand conversations, both in person and on the telephone. Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components for potentially long periods of time without experiencing abnormal hand, wrist, or eye strain. Occasional inspection of cables in floors and ceilings. Lifting and transporting moderately heavy objects, such as computers and peripherals. Must be able to lift up to 50 pounds. Work Environment: Includes a typical office environment, with minimal exposure to excessive noise or adverse environmental issues, including exposure to heat, cold, inclement weather conditions, and occasional environmental hazards. Local, regional, and national travel may be required.-- -Epsilon Benefits:Medical, Dental, Vision PlanAD&D and Life InsurancePaid Federal HolidaysPaid Time Off401(k) Retirement PlanEducation reimbursementReferral Bonuses-- --- -View More Careers at EPSILONURL: Follow us on: LinkedIn - Twitter - google+-- -Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.-- -Please click-- -here-- -to review your rights under EEO policy.-- -If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email-- -.-- -

Keywords: Epsilon, Inc., Greenville , Cybersecurity Defense Analyst, Professions , Greenville, South Carolina