ATSS is looking for a Cyber Security Analyst for a client in the Mobile, AL. area:
GENERAL FUNCTION: A key member of the company’s Security Operations Center. Responsibilities will include network security analysis, monitoring, incident response, forensic analysis, as well as maintenance and configuration of network security tools. Will work with the latest technologies to detect, analyze, and limit intrusions and security events. Reports directly to the Information System Security Manager.
TYPICAL DUTIES: The following statements are intended to describe the general nature and level of work being performed and are not to be construed as an exhaustive list of all responsibilities.
• Resolve cyber forensic issues using computer host analysis, network resource, and log analysis techniques.
• Discover, analyze, diagnose, and report on user activity, files and network events and vulnerability issues.
• Recover data, such as documents, photos, and emails from computer hard drives, and other storage devices that have been deleted, damaged, or otherwise manipulated.
• Provide timely and cogent analysis and maintain excellent record keeping and evidence storage practices.
• Record and report security-related incidents as a member of the company’s Cybersecurity Incident Response Team (CIRT).
• Support investigations conducted by the company’s Security Department, Human Resources Department.
• Serve as subject matter expert on a variety of issues and routinely interface with external stakeholders, including legal counsel, law enforcement and fellow technical experts, as well as corporate leadership.
• Develop analysis and make recommendations for the purchase and utilization of hardware and software that addresses specific security-related requirements and maintains proficiency on all forensic platforms employed.
• Develop policies and procedures to investigate user behavior by means of automated information systems.
• Assist in the development and delivery of computer forensic security awareness products and briefings.
• Create, monitor, analyze, modify, and update intrusion detection systems, intrusion prevention systems, and Security Information and Event Management (SIEM).
• Recognize potential successful and unsuccessful intrusion attempts and compromises reviews and analyses of relevant event detail and summary information.
• Evaluate and deconstruct malware.
• Analyze large sets of data to discover indications of compromise.
• Assist with implementation of countermeasures or mitigating controls.
• Create and maintain cybersecurity-related standard operating procedures.
• Consolidate and conduct comprehensive analysis of threat data.
• Participate in Red Team by playing the role of an enemy or competitor and provide security feedback from that perspective.
REQUIRED KNOWLEDGE, SKILLS & ABILITIES:
• Knowledge of local, State and Federal laws and regulations related to security controls.
• Ability to create forensic images.
• Ability to author cyber investigative reports documenting digital forensic findings.
• Proficiency with analysis and characterization of cyber-attacks.
• Proficiency with proper evidence handling procedures and chain of custody protocols
• Skilled in identifying different classes of attacks and attack stages.
• Understanding of potential system and application security threats and vulnerabilities.
• Understanding of proactive analysis of systems and networks to include creating trust levels of critical resources.
• Knowledge of National Institute of Standards and Technology (NIST) compliance guidelines including NIST 800-171 and NIST 800-53.
• Knowledge of network security and cyber forensic concepts.
• Knowledge of web-based application security concepts.
• Knowledge of Electrical and Electronics Engineers 802.11 security concepts.
• Knowledge of operating systems including Windows, Linux, and Unix.
• Understanding of internet protocol suite.
• Knowledge of social engineering techniques and tactics.
• Knowledge of operations security controls.
• Ability to work, problem-solve and exercise independent judgement; interpret information and formulate actionable steps.
• Ability to communicate clearly and effectively, both verbally and in writing.
• Ability to establish and maintain effective working relationships with employees of all levels while maintaining a high level of confidentiality and diplomacy.
• Knowledge of standard practices related to data management, classification, and control.
• Ability to prioritize competing work assignments and initiatives to complete tasks.
• Willing to work rotating shifts.