Security Analyst
Neptune Technology Group · Duluth, GA · 2 wk ago
HybridInformation TechnologyFull-time
Position Summary
Security Analyst - As a Security Analyst within Neptune's Security Operations Center (SOC), you will be responsible for monitoring, investigating, and responding to cybersecurity threats across Neptune's enterprise environment.
Responsibilities
- Monitor security events, alerts, and detections across Neptune's security platforms
- Investigate escalated alerts and suspicious activity identified through security monitoring tools
- Analyze security events to determine legitimacy, impact, and required response actions
- Identify indicators of compromise, malicious activity, and emerging threats
- Perform threat hunting activities to proactively identify potential security risks
- Monitor security dashboards and ensure timely response to security events
- Participate in cybersecurity incident response activities, including investigation, containment, eradication, and recovery
- Perform initial triage and analysis of security incidents
- Collect and analyze forensic artifacts, logs, and endpoint telemetry during investigations
- Document findings, response actions, and lessons learned
- Escalate incidents appropriately based on severity and impact
- Support root cause analysis and post-incident reviews
- Collaborate with IT Operations, Infrastructure, Engineering, and Application teams during investigations and remediation activities
- Support vulnerability management efforts by identifying and tracking remediation activities
- Aid in security reviews of systems, applications, and infrastructure
- Support security awareness and operational readiness efforts
- Collaborate with Neptune's MSSP and third-party security partners during investigations
- Support the configuration, administration, maintenance, and tuning of security tools
- Aid in detection rule creation, tuning, and optimization
- Validate security telemetry and log ingestion across monitoring platforms
- Support security automation and orchestration initiatives
- Aid in the deployment and implementation of new security technologies
- Aid in dashboard creation, reporting, and security metrics development
- Support compliance initiatives aligned with NIST, CIS Controls, ISO 27001, and Roper Cybersecurity requirements
- Aid in audit requests, evidence collection, and security documentation
- Maintain incident records, procedures, and operational runbooks
- Support continuous improvement of SOC processes and procedures
Minimum Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
- 2+ years of experience in cybersecurity, security operations, IT operations, or related technical field
- Experience investigating security alerts, detections, and incidents
- Understanding of security concepts including malware, phishing, identity attacks, vulnerabilities, and network security
- Familiarity with SIEM, EDR, and security monitoring platforms
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to work independently and collaboratively within a team environment
Preferred Qualifications
- 3+ years of Security Operations Center (SOC) experience
- Experience with CrowdStrike Falcon, Google SecOps, Microsoft Defender, or similar platforms
- Experience with incident response and digital forensics investigations
- Experience with vulnerability management programs
- Familiarity with MITRE ATT&;CK Framework
- Knowledge of NIST Cybersecurity Framework and CIS Controls
- Experience with scripting or automation (PowerS hell, Python)