The Cyber Defense Analyst will play a critical role in our cybersecurity team, responsible for identifying, analyzing, and mitigating cyber threats. The analyst will notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
Your responsibilities will include:
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources; develop content for cyber defense tools.
• Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack; perform cyber defense trend analysis and reporting.
• Provide daily summary reports of network events and activity relevant to cyber defense practices.
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse, and distinguish these incidents and events from benign activity.
• Use cyber defense tools for continual monitoring and analysis of system activity to identify potential malicious activity.
• Analyze identified malicious activity to determine the weaknesses exploited, the exploitation methods, and the effects on systems and information.
• Identify applications and operating systems of a network device based on network traffic.
• Reconstruct a malicious attack or an activity utilizing network traffic.
• Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected security incidents and communicate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
Required skills and qualifications include:
• Proficient in using data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events for mitigating threats.
• Strong ability to characterize and analyze network traffic to identify anomalous activity and potential threats.
• Skilled in documenting and escalating incidents with detailed event history, status, and potential impact.
• Capable of performing event correlation and cyber defense trend analysis.
• Experience in providing daily summary reports of network events and activities.
• Proficient in analyzing network alerts and determining possible causes.
• Ability to provide timely detection, identification, and alerting of possible attacks/intrusions.
• Expertise in using cyber defense tools for continual monitoring and analysis.
• Strong analytical skills to determine weaknesses exploited, exploitation methods, and effects on systems and information.
• Ability to identify applications and operating systems of network devices based on network traffic.
• Skilled in reconstructing malicious attacks or activities using network traffic.