Security Analyst
ECLARO · Arlington, TX · 3 wk ago
On-siteInformation Technology$55–$60/hrOther
Responsibilities
- Security Operations & Monitoring
- Lead investigation and response to security incidents involving endpoints, servers, network infrastructure, identity platforms, and cloud services.
- Perform incident triage, containment, remediation coordination, and post-incident analysis.
- Manage, tune, and improve security monitoring tools, including SIEM, IDS/IPS, EDR/XDR, NetFlow analyzers, and log aggregation platforms.
- Analyze phishing attempts and suspicious email activity, including header analysis and email flow troubleshooting.
- Maintain and review web and content filtering platforms, assessing risk related to URLs, domains, and external services.
- Network & Infrastructure Security
- Partner with Networking and IT Operations teams to troubleshoot and resolve security-related connectivity, routing, or authentication issues.
- Maintain and improve secure configurations for firewalls, VPNs, load balancers, and cloud connectivity.
- Support DDoS detection, mitigation coordination, and response activities.
- Maintain DNS security hygiene, including name resolution integrity and protection against DNS-based attacks.
- Support secure traffic distribution using load balancing or DNS traffic management technologies (e.g., F5 or similar platforms).
- Identity & Access Security
- Support Active Directory, Azure AD, ADFS, and related identity platforms from a security perspective.
- Investigate authentication anomalies, account misuse, and privileged access issues.
- Help enforce identity security best practices, including least privilege, access reviews, and monitoring.
- Vulnerability & Patch Management
- Analyze security advisories, CVEs, and vendor bulletins affecting infrastructure, operating systems, and enterprise applications.
- Validate and track patch deployment across servers, endpoints, network devices, and security appliances.
- Coordinate with infrastructure, endpoint, and SCCM teams to align patching with risk and business priorities.
- Incident Response & Forensics
- Perform security investigations using log analysis, endpoint data, and network evidence.
- Conduct packet captures, log correlation, and threat hunting activities.
- Identify root causes of security incidents and recommend long-term mitigation strategies.
- Document findings, lessons learned, and corrective actions.
- Project & Operational Support
- Contribute to security-related projects, including tool deployments, upgrades, and architectural improvements.
- Provide security guidance on infrastructure changes, firewall rules, segmentation, and system designs.
- Partner with cross-functional teams to ensure secure deployment of new applications and services.
- Aid in the development and improvement of security standards, procedures, and documentation.
- Minimum five years' experience in an IT related field
- Advanced knowledge of IT Security Operations and Forensic Operations
- Advanced knowledge of IT Networking and Network Security Operations
- Advanced knowledge of IT Infrastructure and Applications
- Advanced knowledge of Cyber Attackers and Threat Actor tactics
- Advanced experience of project management and delegation
- Advanced business communication and collaboration skills
- Advanced Documentation skills
- Ability to work with teammates on projects
- Ability to work alone and accomplish tasks independently
- Ability to interpret research into solutions to actual problems
- Customer Service skills
- Experienced mentoring and training skills
- Ability to apply common sense understanding to carry out instructions furnished in written oral form or via DRH applications
- Proficiency with MS Office and email