Senior Cyber-Security Analyst

About Us:

Perfict Global is a leading IT consulting services provider focused on providing innovative and successful business workforce solutions to Fortune 500 companies. Our trained and experienced professionals constantly strive to bring together the best technologies available to manage client's complex business and technology, participate in implementation activities and collaborate in new ways to meet client needs.

We provide excellent benefits such as Medical, Dental, Vision ++ a fun company to work!!!

W2 ROLE ONLY

Job description:

MUST come on-site 3 days a week in the Boca Raton, FL area. Either local or willing to relocate.

Over 6 years of experience in the cyber security space with SIEM experience.

The Senior Cyber-Security Analyst is a member of the Information Security department and reports directly to the Manager, Security Operations Team.

Responsibilities:

• Serve as technical escalation resource for Tier I/II Analysts/Engineers

• Investigate and document events to aid incident responders, managers and other Security Operations team members on security issues and the emergence of new threats.

• Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.

• Create and maintain data security documentation, policies and procedures.

• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).

• Evaluate current Security Operations standards and procedures and update or author new content as required.

• Leverage a deep understanding of current and evolving security threats and threat detection solutions as well as contribute to the company's threat and vulnerability research and IT security strategy and roadmap.

• Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.)

• Seek opportunities to drive efficiencies and collaborate with other technology teams (e.g. NOC, Service Desk)

a. Partner with the security engineering team to improve tool usage and workflow

b. Partner with MDR and internal teams to mature monitoring and response capabilities.

• Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.

• Leverage knowledge of security on multiple platforms and disciplines (Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security and data networking)

• On major incidents, acts as incident commander and primary point of contact.

• As a senior member of the team, monitor and process responses for security events on a 24x7 basis. (Periodic on-call shift coverage)

• Perform other related duties as assigned.

Desired Skills:

• Experience working with various SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.

• Moderate to Advanced knowledge in the following areas: Event analysis leveraging SIEM tools, log parsing and analysis skill set, networking fundamentals, current threat landscape, malware operation and indicators, penetration techniques, DDoS mitigation techniques, IDS/IPS systems, Windows and Unix or Linux, Firewall and Proxy technology, Data Loss Prevention monitoring, scripting, analysis experience, and audit requirements (PCI, HIPPA, SOX, etc.)

• Extensive experience in Incident Response, Incident Handling and Security Operations

• Experience in digital forensics preferred to include processes and procedures for collecting and preserving digital evidence, data acquisition, and forensic analysis of data

• Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats

• Perform investigation and escalation for complex or high severity security threats or incidents

• Advanced knowledge and expertise in the use of SIEM technologies for event investigation

• Assist in defining and driving strategic initiatives

• Coordinate evidence/data gathering and documentation and review Security Incident reports

Qualifications/Requirements:

• Bachelor's degree in Information Technology/Security or 10 years of progressive experience in the IT / Information Security space required.

• Excellent Project management skills, including ability to create and maintain security project plans, schedules, metrics and progress reports/presentations.

• Experience working with change management principles and operations.

• General knowledge and understanding of information security and privacy-related regulations.

• Ability to plan, organize, and prioritize a varied workload.

• Experience driving measurable improvement in monitoring and response capabilities at scale.

• Knowledge of a variety of Internet protocols

• Critical thinking skills and the ability to solve problems as they arise

• Ability to work effectively with technical and non-technical personnel in a cross-functional setting.

• Ability to relate security principles and processes to business and other departments.

• Proficient knowledge of the Microsoft Office suite required.

• Strong written and verbal communication skills required.

• Must be authorized to work in the US, no sponsorship