Senior IT Security Analyst
ManhattanLife · Houston, TX · 1 wk ago
On-siteAnalystFull-time
Duties and Responsibilities
- Proactively monitor and analyze network traffic, security alerts, and security events, performing threat-hunting activities using Arctic Wolf SOC.
- Respond to, investigate, and manage security incidents and alerts across Microsoft 365 Defender and Cisco security platforms.
- Handle security tickets, document findings, and escalate issues appropriately within Arctic Wolf’s portal.
- Configure, maintain, and support Cisco security solutions, including Cisco AMP/Secure Endpoint, Umbrella, Duo, and Cloud Email Security Appliances.
- Leverage Cylance to detect, investigate, and prevent endpoint-based threats.
- Administer, monitor, and optimize Akamai Web Application Firewall configuration, policies, and rule sets to protect web-facing applications from common exploits and threats.
- Stay current on emerging cyber threats, vulnerabilities, attack techniques, and mitigation strategies.
- Support continuous improvement of security monitoring, incident response, and endpoint protection processes.
Minimum Qualifications
- A High School Diploma or equivalent required.
- Minimum of five years of professional experience in IT security, cybersecurity operations, incident response, threat detection, or a closely related role.
- Hands-on experience with enterprise security tools, endpoint protection platforms, security alert triage, and incident management.
- Industry cybersecurity certification required, such as CompTIA Security+, CISSP, CySA+, GSEC, CISM, or equivalent.
Knowledge, Skills, and Abilities
- Minimum of five years of hands-on experience with Arctic Wolf SOC, including incident triage, alert review, ticket management, and escalation procedures.
- Minimum of five years of experience working with Microsoft 365 Defender, including Defender for Endpoint, Defender for Identity, and Defender for Office 365.
- Minimum of five years of operational experience with Cisco security technologies, including Cisco AMP/Secure Endpoint, Umbrella, Duo, and Cloud Email Security.
- Minimum of five years of experience using endpoint protection solutions, including Cylance or comparable platforms.
- Minimum of five years of experience configuring, administering, and managing Web Application Firewall technologies, preferably Akamai WAF.
- Strong knowledge of cybersecurity principles, threat detection, vulnerability management, access controls, and incident response practices.
- Strong analytical, troubleshooting, and problem-solving skills.
- Effective verbal and written communication skills, with the ability to document incidents, findings, and remediation steps clearly.
- Ability to prioritize competing tasks and respond calmly and effectively under pressure.
- Familiarity with ConnectWise Manage and ConnectWise Automate platforms preferred.
- Active cybersecurity certification is mandatory, such as CompTIA Security+, CISSP, CySA+, GSEC, CISM, or equivalent.