Cyber Security Analyst - DDOS, IDS/IPS, Security Threats

Description

Cyber Security Analyst - DDOS, IDS/IPS, Security Threats is required by my customer who is based in Providence, Rhode Island.

Skills and Experience:

• Minimum 7 years experience with MS Windows and Linux operating systems.
• Minimum 5 years experience working with DNS, routing, authentication, VPN, Proxy and DDOS mitigation technologies.
• Experience working within SaaS/PaaS environments (AWS, Azure or similar).
• Minimum 2 years experience coordinating, reporting on and remediation network, web and mobile application pen tests.
• Experience in network monitoring, packet capture analysis and network troubleshooting.
• Exposure to incident response including forensics and event review.
• Experience working in fast paced, team-oriented and collaborative environments in a SaaS organization.
• Demonstrated ability to serve as a hands-on lead for technical security aspects of information security programs.
• Hand on experience with common security tools such as IDS/IPS, Network and Host-based firewalls, DLP, Metasploit and Nexpose.
• Knowledge of programming languages and command Shell scripting.
• Must understand Information Security including security threats, vulnerabilities, attacks, responsible groups, motivations and techniques.

Role Responsibilities:

• Reporting to the Director, Information Security & SaaS Operations, the Cyber Security Analyst will be responsible for the prevention, detection and response to cyber threats.. The role will be focused on preventing, identifying and remediating weaknesses and vulnerabilities across our technical infrastructure and applications.
• Maintain security for enterprise systems and identify issues that could compromise confidentiality, integrity or availability of data across the enterprise.
• Work within the security alerts ticketing system, ensuring alerts are triaged or escalated within appropriate timeline.
• Coordinate and perform vulnerability and penetration testing of web, mobile apps and networks, working with engineering teams to plan and document remediation activity.
• Anticipate security alerts, incidents and disasters and recommend, plan and implement controls to reduce likelihood.
• Recommend and install appropriate tools and countermeasures.
• Contribute on the design, development and implementation of new analytic methods for detecting threats.
• Verify that application software/network/system security controls are implemented as stated, documents deviations, and recommends required actions to correct those deviations.
• Manage and administer updates to rules and signatures within security applications.
• Lead and participate in risk and vulnerability scanning, log file analysis and correlation and audits, reporting findings clearly in relation to implications for existing infrastructure and applications.
• Serve as a member of the CIRT as SME for investigation, escalation, and coordination of information security incidents, including planning, designing and testing procedures.
• Provide Information Security guidance to project teams across the business for requests from internal users, vendors and clients, serving as SME for projects requiring security risk assessments.
• Remain up to date with advances in cyber security technology.
• Work with Information Security Analysts to develop metrics to benchmark security tool performance to identify trends and recommend improvements where required.
• Work with IT Ops and DevOps teams to troubleshoot issues with existing security and privacy protection protocols.
• Develop positive working relationships with business and technical functions involved in security and privacy matters.
• Carry out any supplementary tasks, as needed to support the broader Technical Operations function.

Mercator IT Solutions provides services as an agency and an employment business