
Information Security Threat Hunter/Analyst

Advantage Resourcing Littleton, CO
  • Expired: 18 days ago. Applications are no longer accepted.
Information Security Threat Hunter/Analyst / 920064
Must be located in the Denver, CO area
Contract-to-hire
No 3rd party suppliers / W2 only

Position Description:
The Threat Hunter/Analyst's primary function is to identify and prioritize potential threats and to identify trends. Responsibilities include:
• Configuring security solutions to identify threats.
• Performing incident response and issue resolution, and assessing and communicating security risk to the enterprise.
• Monitoring real-time security alerts, identifying and prioritizing potential threats.
• Leading security incident investigations.
• Completing and delivering complex security reports to management in business terms.
• Analyzing available data sources, security tools and threat trends, and leading security monitoring and analysis techniques to identify attacks against the enterprise.
• Creating correlations and other detection logic to identify attackers and defend the network against advanced attacks.
• Hunting for and identifying threat actor groups and their techniques, tools and processes.
• Identifying gaps in IT infrastructure by mimicking an attacker's behaviors and responses.
• Providing expert analytic investigative support for large-scale and complex security incidents.
• Performing root cause analysis of security incidents to further enhance the alert catalog.

Duties and Responsibilities:
• Maintain Industry Training - This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques
• Maintain Knowledge of Current Threats - Keep up-to-date on current threats by regularly reading industry-related articles
• Case Management - ensuring the case management process is handled efficiently in a timely manner by all SOC personnel.
• SOC Activity Log - creating, reviewing, and maintaining entries, working with other analysts
• Report Creation - creating temporary or permanent reports for customers, as requested.
• Customer Meetings - attending and/or leading customer meetings as part of incident response and incident handling
• Training and Mentoring SOC personnel - Security Analysts are responsible for training new SOC employees, for training and mentoring existing SOC personnel on new technologies implemented by the client, and for retraining SOC personnel if necessary
• Tuning - regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered
• System Maintenance - assisting SOC Engineers with maintenance on security devices, as needed
• Projects - May lead moderately complex security projects as assigned
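As an added illustration of the correlation and tuning duties listed above (this is example code written for this page, not part of the posting or the employer's tooling), the script below runs a simple brute-force correlation rule over sshd syslog lines and shows the effect of a tuning allowlist. The hostname, user names, addresses and the year are all assumed or constructed: classic syslog timestamps carry no year, and the "known scanner" address stands in for whatever noisy source a real SOC would suppress.

```python
"""Correlation rule plus tuning allowlist over constructed Linux sshd syslog lines.
Example code for this page; hosts, users, IPs and the year are assumptions."""
import re
from collections import defaultdict
from datetime import datetime

ASSUMED_YEAR = 2024  # classic syslog timestamps omit the year; assumed for the sample

# Constructed sample auth log lines (made-up host and users, RFC 5737 / private addresses).
SAMPLE_SYSLOG = """\
Mar  4 10:01:02 bastion01 sshd[2211]: Failed password for invalid user admin from 203.0.113.9 port 51022 ssh2
Mar  4 10:01:04 bastion01 sshd[2212]: Failed password for root from 203.0.113.9 port 51023 ssh2
Mar  4 10:01:06 bastion01 sshd[2213]: Failed password for root from 203.0.113.9 port 51024 ssh2
Mar  4 10:01:08 bastion01 sshd[2214]: Failed password for root from 203.0.113.9 port 51025 ssh2
Mar  4 10:01:09 bastion01 sshd[2215]: Failed password for root from 203.0.113.9 port 51026 ssh2
Mar  4 10:01:15 bastion01 sshd[2216]: Accepted password for root from 203.0.113.9 port 51027 ssh2
Mar  4 10:02:00 bastion01 sshd[2220]: Failed password for jsmith from 10.20.0.5 port 40001 ssh2
Mar  4 10:02:03 bastion01 sshd[2221]: Accepted publickey for jsmith from 10.20.0.5 port 40002 ssh2
Mar  4 10:05:00 bastion01 sshd[2230]: Failed password for svc_scan from 10.20.0.99 port 40100 ssh2
Mar  4 10:05:01 bastion01 sshd[2231]: Failed password for svc_scan from 10.20.0.99 port 40101 ssh2
Mar  4 10:05:02 bastion01 sshd[2232]: Failed password for svc_scan from 10.20.0.99 port 40102 ssh2
Mar  4 10:05:03 bastion01 sshd[2233]: Failed password for svc_scan from 10.20.0.99 port 40103 ssh2
Mar  4 10:05:04 bastion01 sshd[2234]: Failed password for svc_scan from 10.20.0.99 port 40104 ssh2
"""

# Tuning allowlist: a constructed internal vulnerability scanner whose failed logins are expected.
KNOWN_SCANNERS = frozenset({"10.20.0.99"})

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)


def parse(text):
    """Parse sshd authentication lines into event dicts; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp = " ".join(m["ts"].split())  # collapse the padded day ("Mar  4" -> "Mar 4")
        ts = datetime.strptime(f"{ASSUMED_YEAR} {stamp}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "host": m["host"], "result": m["result"],
                       "user": m["user"], "src": m["src"]})
    return events


def correlate(events, threshold=5, window_s=60, suppress_srcs=frozenset()):
    """Correlation rule: at least `threshold` failed logins from one source within
    `window_s` seconds. Severity is raised to HIGH when the same source later
    authenticates successfully (a brute force that worked), which is what the
    analyst should triage first. `suppress_srcs` is the tuning allowlist that keeps
    known-noisy sources out of the queue."""
    alerts = []
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)
    for src, evs in by_src.items():
        if src in suppress_srcs:
            continue
        fails = [e for e in evs if e["result"] == "Failed"]
        for i, first in enumerate(fails):
            window = [f for f in fails[i:]
                      if (f["ts"] - first["ts"]).total_seconds() <= window_s]
            if len(window) < threshold:
                continue
            last_fail_ts = window[-1]["ts"]
            success = next((e for e in evs
                            if e["result"] == "Accepted" and e["ts"] >= last_fail_ts), None)
            alerts.append({
                "src": src,
                "host": first["host"],
                "severity": "HIGH" if success else "MEDIUM",
                "failed_attempts": len(window),
                "targeted_users": sorted({f["user"] for f in window}),
                "first_seen": first["ts"].isoformat(),
                "success_user": success["user"] if success else None,
            })
            break  # one alert per source; a SIEM would throttle the same way
    return alerts


if __name__ == "__main__":
    evs = parse(SAMPLE_SYSLOG)
    print("untuned:", [(a["src"], a["severity"]) for a in correlate(evs)])
    print("tuned:  ", [(a["src"], a["severity"]) for a in correlate(evs, suppress_srcs=KNOWN_SCANNERS)])
```

Run untuned, the rule fires on both the external source and the internal scanner; with the allowlist applied, only the external source remains, and it is escalated to HIGH because a successful root login follows the failures. That is the shape of the tuning loop the duties describe: the allowlist removes the expected noise, and the root-cause review of what survived (here, that password authentication for root is accepted at all) feeds back into the alert catalog.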

Shift Responsibilities:
The Security Threat Hunter/Analyst is responsible for the following shift duties:
• Daily Traffic Review - replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
• Report Run Verification - ensure customer reports run as scheduled
• Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
• Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
• Handle Tier 2 event incident response, case management, and customer notification
• Ensure security devices contain up-to-date signatures libraries
• Assist with engineering tasks as necessary
• Train SOC Level 1 Analysts on new attack signatures and attack methodologies
• Provide process and operational improvement suggestions
• Review and update documentation (such as SOPs and TTPs)
• Complete vendor training as requested by Management
• Subscribe to and review security mailing lists such as the SANS Internet Storm Center (isc.sans.edu)
• View the Internet Storm Center on a daily basis for up-to-date news on recent Internet activity of note (http://isc.incidents.org)
• Daily Case Management - the Security Analyst will review open cases and provide follow up that may be required


Qualifications:
• U.S. Based
• 5+ years of Information Security experience
• 5+ years Firewall management and rules analysis
• 2-4 years of systems analysis
• Working knowledge of Linux and syslog from CLI
• Programming and scripting knowledge of Python, Java, C++, SQL and PowerShell
• Expert knowledge of Splunk and Splunk ES
• Expert knowledge of Burp Suite and Kali Linux
• Proven ability and past experience performing moderately complex security analysis for information technology is required
• Excellent writing and communications skills
• Familiarity with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
• Ability to work in a dynamic team-centered environment

Education Preferred:
• Bachelor's Degree in Computer Information Systems or related field

Industry Certifications:
Tier 3 Analysts should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:
• Certified Information Systems Security Professional (CISSP)
• Information Systems Security Engineering Professional (CISSP-ISSEP)
• Systems Security Certified Practitioner (SSCP)
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• Certified Security Analyst (ECSA)
• Certified Incident Handler (ECIH)
• CompTIA Cybersecurity Analyst (CSA+)
• Information Technology Infrastructure Library (ITIL)
• Cisco CCNA
• Cisco CCNP + Security
• GSEC
• GCIH
• GCIA
• MCSE
• Linux+

Work Experience:
• 2-3 years of Managed Security Service Provider Tier-1/2 Analyst/Operator Experience (Preferred)
• 3-4 years of SOC or NOSC analyst experience
• Threat Intelligence or Forensic background is a plus

About Advantage Resourcing

Advantage Resourcing makes all employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, ancestry, medical condition, age, marital status, national origin, citizen status, political affiliation, union membership, genetic information, physical or mental disability, veteran status, denial of medical or family leave, pregnancy or pregnancy disability leave or any other protected group status as defined by federal, state or local law. We will provide reasonable accommodations throughout the application or interviewing process. If you require a reasonable accommodation, contact us. Advantage Resourcing is an E-verify employer.

Advantage Resourcing

Why Work Here?

Advantage Resourcing is a group of Hire Thinking®, industry pioneers providing innovative workforce solutions for Automotive, Engineering, IT, Manufacturing, Professional and Supply Chain clients and candidates. Our goal is to deliver quality professional services to our clients, while earning confidence through the proper assignment of people. This alignment of people and companies allows us to create opportunity. Creating opportunities begins by gaining a complete understanding of what makes each company and candidate unique. This is accomplished by working with and listening to the client team and by conducting thorough interviews and skill evaluations with our candidates. Using this knowledge, Advantage Resourcing is able to provide tailored workforce solutions and qualified Talent that are the right fit for each company. This is Hire Thinking.

Address

Littleton, CO
USA
