We are looking to hire a Senior Cyber Security Analyst for one of our clients located in Boston, Massachusetts. The Cyber Security Operations Analyst will be a member of a 4-person team, reporting to the Director of Cyber Security Operations, and will work closely with the Chief Information Security Officer (CISO). The rate is between $60 and $80/hr and the work mode is hybrid. To apply, kindly send your resume to information@korpeatech.com.
Duties and Responsibilities:
Security Operations Response and Reporting:
- Review and respond to Security Operations Center alerts.
- Review and respond to Endpoint Detection and Response alerts.
- Manage Identity alerts and respond to ServiceNow tickets.
- Review daily reports, system-generated reports, and threat feeds for relevance or issues.
Splunk SIEM Logs Review and Improvement:
- Configure alerts based on gaps in proactive and responsive measures.
- Maintain a query repository for regular tasks and improve dashboard visibility across sources.
- Ensure data hygiene and CIM compliance with the data model.
Threat Detection & Incident Response:
- Conduct threat hunting by tracking common and novel techniques, tactics, and Indicators of Compromise (IOCs), and apply measures for detected threats.
- Utilize custom Indicators of Attack (IOAs) and EDR SOAR workflows for automated response and remediation.
- Review network web proxy and firewall traffic to identify and address consistent abnormal or block events.
Monitoring & Visibility Recommendations:
- Develop metrics dashboards for security tools.
- Enhance network visibility across firewall and web proxy logs.
- Provide recommendations for security improvements, including hardening and content blocking.
- Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements.
- Ensure controls are documented and functioning as intended.
- Verify that infrastructure and applications adhere to MassDOT’s information security policies and standards.
- Audit, report, and maintain a log of all policy violations.
Vulnerability Assessment Responsibilities:
- Conduct vulnerability assessments of infrastructure and applications to identify and document gaps and risks.
- Communicate identified gaps, risks, and vulnerabilities to customers.
- Perform continuous monitoring and analyze the security posture related to infrastructure and applications.
- Manage and address events in MassDOT’s Security Information and Event Management (SIEM) system.
- Monitor and respond to security alerts, including virus alerts, breach notifications, zero-day vulnerabilities, and trending threats.
Required:
- Minimum of 5 years’ experience as a Cyber Security Analyst
- Two plus (2+) years of training or practical experience in IT Operations
- Two plus (2+) years of training or practical experience in cyber security operations
- Strong work ethic, great time management, and highly inclusive team player
- Effective verbal and written communicator, with excellent writing skills
- Authorization to work indefinitely in the U.S.
Preferred:
- Bachelor's degree or equivalent in Cyber/Information Security
- Industry certifications such as CISSP
- Previous experience on a Cyber Security Operations team in a large organization