Position: Information Security Analyst [Entry Level]
Location: Franklin Lakes, NJ [Office and remote locations]
Duration: 3+ Months Contract
Total Hours/week: 40.00
1st Shift
Client: Medical Device Company
Employment Type: Contract on W2 (Need US Citizens Or GC Holders Only)
No H-1Bs
Description
To improve the security of products and solutions by design, in use and through partnership. This role will focus on Integrated Supply Chain and Manufacturing Operational Technology (OT).
This entry level person should have a technical understanding of enterprise IT and OT environments. They should have experience investigating complex technical security incidents.
You will leverage a broad array of investigative information, including log data, to identify and investigate potential security incidents.
Essential Job Functions
The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive. The omission of a specific duty or responsibility will not preclude it from the position.
- Strong understanding of security principles such as attack frameworks, threat landscapes, attacker/APT TTPs, etc.
- Active participation in 24x7 operations of the BD Security Operations Center. This includes proactively monitoring and providing cybersecurity status and reports to enable timely decision-making
- Operate within direction to investigate and escalate in accordance with protocols
- Perform host-based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response.
- Provide direction to the managed service provider to triage alerts, collect related data from various network analysis systems, review available open- and closed-source information on related threats and vulnerabilities, and diagnose observed activity for the likelihood of system infection, compromise, or unintended/high-risk exposure.
- Proactively threat hunt by analyzing events in the current SIEM and other SOC tools, looking for malicious activity and other security-related events that were not identified by the automated processes.
- Develop content and action tuning requests to improve alert fidelity and reduce false positives
- Ensure all incidents are supported with evidence and artifacts derived from analysis. Provide clear and actionable event notifications
- Recommend detection and prevention/mitigation signatures and actions as part of a layered defensive strategy leveraging multiple capabilities and data types.
- You will help identify advanced anomaly detection strategies and instrument systems to automate detections
- Develop program metrics and reporting; compile and analyze data for accurate, timely reporting of activity
- Assist with additional projects as needed
Basic Qualifications
- In-depth knowledge of Windows operating systems; knowledge of other OSes such as Linux is a plus
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Previous experience in Network monitoring platforms
- Preferred Certifications: CISSP, GCIH, GCTI, CCTHP etc.
- Excellent analytical and problem-solving skills
- Proven ability to act independently and to execute with limited information and ambiguity
Education And/or Experience
- Experience in Security Operations Center is desired
- Associate’s or Bachelor’s Degree in a relevant field or equal level of experience
- Detail-oriented with the ability to promptly assess logs for accuracy as well as consistency
- Strong interpersonal skills with the ability to influence others in a positive and effective manner
- Ability to work in a team environment
- Excellent communication skills; both oral and written
- Demonstrated ability to contribute to a continuous learning and process improvement environment
Physical Demands
Use of computer, phone, ability to travel globally.
Work Environment
Office and remote locations