PURPOSE AND SCOPE
The Information Security Analyst defends against information security incidents and identifies, analyzes, communicates and contains incidents as they occur.
ESSENTIAL JOB FUNCTIONS
Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems
Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization
Correlates network, cloud and endpoint activity across environments to identify attacks and unauthorized use
Reviews alerts and data from sensors, and documents formal, technical incident reports
Works with threat intelligence and/or threat-hunting teams
Provides incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies
Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts
Researches emerging threats and vulnerabilities to aid in the identification of incidents
Performs security standards testing against computers before implementation to ensure security
Thanks.
Sam
Technical Recruiter
Phone: (313) 279-9920 (Text/Email/Call Preferred)
Email: SamC@globalsolgroup.com
www.GlobalSolGroup.com