Information Security Analyst I
Cyber Focus AI · United States · Yesterday
RemoteRemoteAnalystFull-time
About the role
The Information Security Analyst I position is within the Security Operations Center (SOC) team at Southern New Hampshire University (SNHU).
Responsibilities
- Respond and perform analysis on security alerts and incidents.
- Support technical investigations of complex or high-severity security threats or incidents.
- Cook up information security incident response with SNHU's Information Security Incident Response Plan.
- Coordinate the incident response lifecycle and have the analytical mindset needed when it comes to escalated investigations and investigations into novel security incidents.
- Participate in incident containment and eradication activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis.
- Work cross-functionally across ITS and all SNHU teams to provide support, guidance, and technical implementations where appropriate, to include triage, containment, and remediation when applicable.
- Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s).
- Conduct real-time monitoring of security events from multiple sources and use analytical and critical thinking skills to identify, triage, analyze, investigate, and escalate information security events and alerts.
- Help perform investigations in complex or high-severity security threats or incidents.
- Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities.
- Review and help implement standard operational processes for handling common incident types.
- Demonstrate a deep source of ethics, integrity, and confidentiality.
- Remain calm and function at the highest level during a crisis.
Requirements
- 2+ years working in a security operations center (SOC), a cybersecurity operations center or on a cybersecurity incident response team.
- Bachelor's degree.
- Professional Certification(s): CySA+, Sec+, or relevant certification.
- Understanding of MITRE ATT&CK Framework, Cyber Kill Chain, and cloud security principles.
- Familiarity with basic SIEM technology or EDR tools.
- Experience with IT networking.
- Experience with cloud security.
- Experience with Search Processing Language (SPL) or Kusto Query Language (KQL) with an ability to create complex queries for log analysis and security monitoring.
- Experience with enterprise security tools like Splunk, Tenable, Proofpoint tools, Microsoft Defender components, Office 365 tools, PowerShell, and multiple network tools.
- Experience with Cloud Platforms (Azure), security controls, and assessment techniques.
Qualifications
- Must reside in, and work from, one of the following states: Alabama, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, New Hampshire, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, West Virginia, Wisconsin and Wyoming.
- Requires a reliable internet connection and a dedicated, properly equipped workspace that is free of distractions.
Skills
- Strong communication skills.
- Ability to remain calm under pressure.
- Proficiency in Microsoft Office Suite.
- Knowledge of cybersecurity concepts and practices.
- Experience with cloud-based technologies.
- Technical problem-solving skills.
Benefits
Remote work option available in multiple states.
Pay
Competitive salary based on experience and qualifications.
Schedule
Office hours: Monday through Friday 8:00am - 4:30pm.
Work Environment And Physical Requirements
Professional office environment. Sedentary work: Requires remaining in a stationary position, often standing or sitting for prolonged periods.