W2 / 1099 / Self Corp (the corporation must be in the candidate's name)
Must have a valid LinkedIn profile with a profile picture
Driver's license and visa copy required with submission
Candidate must be local to Boston, MA
CyberSecOps Analyst
Description
A client in Boston, MA is seeking a CyberSecOps Analyst.
Security Operations Response and Reporting:
- Review and respond to Security Operations Center alerts
- Review and respond to Endpoint Detection and Response alerts
- Manage Identity alerts and respond to ServiceNow tickets
- Review daily reports, system-generated reports, and threat feeds for relevance or issues
Splunk SIEM Log Review and Improvement:
- Configure alerts to close gaps in proactive and responsive detection coverage
- Ensure data hygiene and Common Information Model (CIM) compliance of ingested data with the Splunk data model
Threat Detection & Incident Response:
- Conduct threat hunting by tracking common and novel tactics, techniques, and Indicators of Compromise (IOCs), and applying countermeasures for detected threats
- Utilize custom Indicators of Attack (IOAs) and EDR/SOAR workflows for automated response and remediation
- Review network web proxy and firewall traffic to identify and address recurring anomalous or blocked events
Monitoring & Visibility Recommendations:
- Enhance network visibility across firewall and web proxy logs
- Provide recommendations for security improvements, including hardening and content blocking
- Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements
Vulnerability Assessment Responsibilities:
- Conduct vulnerability assessments of infrastructure and applications to identify and document gaps and risks
- Monitor and respond to security alerts, including virus alerts, breach notifications, zero-day vulnerabilities, and trending threats
Additional:
- Develop and recommend security solutions based on business needs, regulatory requirements, and industry best practices
- Provide deskside support to end users when necessary: gather evidence for investigations, advise on safe computing practices, and diagnose systems as the subject-matter expert for security tools, attack tactics and techniques, and forensic analysis
Requirements:
- 2+ years of training or practical experience in IT Operations
- 2+ years of training or practical experience in cyber security operations
- Strong work ethic, great time management, and highly inclusive team player
- Effective verbal and written communicator, with excellent writing skills
- Visa sponsorship is not available for this position
Preferred:
- Bachelor's degree or equivalent in Cyber/Information Security
- Industry certifications such as CISSP
- Previous experience on a Cyber Security Operations team in a large organization