Senior Cyber Security Ops Analyst and Remote

Job Description

Company: Gilder Search Group

Senior Cyber Security Ops Analyst | Remote | Contract

Senior Cyber Security Ops Analyst

Applicants Need To Know

• 6+ Month Contract

• Work Status: USC, GC

• Sponsorship: No, Sponsorship provided.

• Office Type: Remote

• Hourly Rate: $75 to $85 W2 Only

• No Corp-to-Corp

Please note that only candidates who are authorized to work in the United States without sponsorship will be considered for this position.

We seek a Senior Cyber Security Ops Analyst for our client. This is a contract position lasting 6+ months. The role is remote and requires availability in the Eastern or Central time zones.

The Work

• Conduct investigations and respond to internal and external security threats.

• Oversee, respond to, and remediate DLP (data loss prevention) and SIEM events from on-premise and cloud systems.

• Implement advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.

• Manage, administer, and improve security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry-standard security technologies.

• Develop automation response scripts to remediate commodity threats.

• Perform threat hunting activities to identify compromised resources.

• Understand and perform threat analysis utilizing industry-standard frameworks (kill chain and diamond model).

• Perform threat research and intelligence gathering to improve detection and response capabilities.

• Propose and review security plans and policies to improve the security environment.

• Maintain operational playbooks, process diagrams, and documentation for security monitoring and response.

• Review proposed Security deployments to ensure security monitoring requirements are met.

• Provide off-hour support as needed for security monitoring and response activities.

• Work closely with MSSP services, external forensic providers, and in-house IT teams to respond to and remediate security incidents both internal and external.

• Review compromised systems to identify the root cause of security incidents.

Qualifications

• Minimum of 5 years of experience in security monitoring and incident response

• Strong knowledge of DLP (data loss prevention) and SIEM events

• Experience with advanced security monitoring techniques on SaaS, cloud systems, network, servers, and endpoints

• Proficiency in managing and administering security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry standard security technologies

• Ability to develop automation response scripts for commodity threats

• Familiarity with threat hunting activities to identify compromised resources

• Understanding of threat analysis utilizing industry standard frameworks (kill chain and diamond model)

• Experience in threat research and intelligence gathering to improve detection and response capabilities

• Knowledge of reviewing security plans and policies to enhance the security environment

• Strong documentation skills for operational playbooks, process diagrams, and security monitoring/response documentation

• Ability to review proposed Security deployments to ensure compliance with security monitoring requirements

• Willingness to provide off-hour support for security monitoring and response activities

Nice to Have

• Experience with cloud security technologies such as CASB, Cloud Access Security Brokers

• Knowledge of scripting languages such as Python or PowerShell

• Familiarity with industry compliance standards (e.g., PCI DSS, HIPAA, GDPR)

• Certifications in relevant areas such as CISSP, CISM, or CEH

• Experience working with incident response tools and processes

Source: JobLeads