Analyst, Security Operations - US Based Remote

Analyst Security Operations

We are currently seeking to the fill the role of Analyst Security Operations. This position will report to the Manager of Security Operations. The Analyst role will be responsible for the management, deployment, and continuous improvement of the tools and processes leveraged by the Cyber Incident Response Team.

The candidate is knowledgeable in the field of security incident response. Successful candidates typically have 3-5 years of information security and IT systems experience with strong focus on Incident Response as well as technical certifications to reinforce their practical experience. The candidate has strong coordination, communication, and collaborations skills as well as a good technical and architectural understanding. On a day-to-day basis the Analyst role will assist with identifying and responding to incidents as well as conducting research and development in cyber security to proactively propose improvements for how to reduce risk and strengthen the security posture of Anywhere and our ability to respond to cyber-attacks.

Responsibilities:

• Independently lead computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action.
• Leverage, implement, and fine tune Incident Response tools leveraged by Anywhere to proactively hunt for indications of compromise.
• Conduct in-depth analysis of cyber threat data to include identification of active security threats, development of new analytic methods, reverse engineering of malicious code, and documenting and transitioning results in reports and presentations.
• Maintain a functional Cyber Incident Response lab that is designed to safely and accurately aid the team’s ability to analyze threats to Anywhere.
• Backup the Security Operations Manager and be the Technical IR Commander when needed, and or by rotation. When acting as the IR Commander this role will be expected to Lead the response to Cyber Security threats and incidents for the collection, analysis, and preservation of digital evidence.
• Execute, develop, and document Incident Handling Guides

Qualifications:

• Minimum 3-5 years of experience in Information Security
• Bachelor of Science Degree with a concentration in Computer Science, or Information Technology, or equivalent prior work experience in a related field.
• One or more industry certifications (or achieve within 6 months):

CISSP, GCED, CEH, GCIH, GCFA, GCFE, etc.

• Knowledge of Endpoint Detection & Response tools (CrowdStrike preferred)
• Knowledge of the Windows Operating System including the following areas, (Windows Firewall, Registry, Group/Local Policy, Active Directory)
• Knowledge of Splunk and writing SPL.
• Experience in Vulnerability Assessment, IDS/IPS configuration/monitoring, E-Mail security, Firewalls, TCP/IP packet analysis, Log analysis, understanding of IT standards, including but not limited to the OSI model, and the methods of exploiting those standards.
• Knowledge of Information Security products and systems (Forensics toolkits, EDR, IDPS, HIPS, SIEM, etc.)
• Extensive knowledge and understanding of operating system internals, network security architecture, and protocol analysis.
• Knowledge of networking protocols and authentication methods.
• Proficient in at least one scripting and or object-oriented language such as but limited to, Perl, Python, Visual Basic, PowerShell, & C++
• Proficient in at least one means of transactional data processing and or data manipulation such as but not limited to Transact-SQL, MySQL, Oracle, GREP, REGEX, & SPL
• Familiar with the most common forms of web development such as but not limited to, HTML, XML, PHP, Java, & .net
• Familiar with current Pen Testing techniques and tools such as Kali Linux, Pass the hash, hashcat, & Metasploit
• Understanding of incident response methodologies and technologies
• Understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation
• Strong analytical skills, creative thinking, and knowledgeable of security operations
• Willing to participate in on-call rotation for emergency cyber security situations.
• Strong communication skills are necessary, including experience in:

Authoring and editing technical reports and collaborating with technical analysts.