CYBERSECURITY THREAT ANALYST - REMOTE
ARC Group has an immediate opportunity for a Cybersecurity Threat Analyst with strong SIEM experience! This position is 100% remote! This is starting out as a contract position running through April 2025 with strong potential to extend or possibly convert to FTE. This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential.
At ARC Group, we are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We believe that diverse perspectives lead to better innovation and problem-solving. As an organization, we embrace diversity in all its forms and encourage individuals from underrepresented groups to apply.
Position is 100% remote!
Candidates must have permanent work authorization and be able to work for any employer without sponsorship, now or in the future. Third-party candidates are not eligible for this role.
The Cybersecurity Threat Analyst/Cybersecurity Detection Engineer independently develops, maintains, and implements comprehensive information security monitoring programs, including defining security policies, processes, and standards for large and complex environments. Performs comprehensive threat analysis and recommends the appropriate course of action, mitigation, and remediation. Provides consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. Leads efforts, oversees work results, provides formal training, and serves as a technical resource for Information Security team members.
Essential Functions
- The essential functions listed represent the major duties of this role; additional duties may be assigned.
- Independently and proactively correlates and analyzes threat data from various sources, and analyzes network events, to design, develop, and maintain threat detection rules, alerts, and use cases that support the organization's detection strategy.
- Continuously evaluate and improve the performance and efficacy of the SIEM by tuning existing rules and integrating new data sources.
- Independently conducts industry research and technical evaluation of all-source and vendor-supplied intelligence, with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures.
- Serves as subject matter expert in the detection and identification of cyberattack signatures, tactics, techniques, and procedures associated with advanced threats.
- Leads assessments and development of cyber threat profiles of current events based on collection, research and analysis of open-source information
- Leads analysis and development of monitoring alerts for threats. Once an alert is developed, proposes and leads cross-departmental efforts, if required, to implement appropriate notifications and identify controls that will help mitigate risk and vulnerabilities and safeguard our systems and data.
- Independently and proactively prepares detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
- Develops and maintains documentation for security monitoring procedures and security diagrams
- Leads the development of proposed design, configuration, and implementation of security monitoring architecture
- Serve as a subject matter expert for team members, specializing in security alert detection, host analysis, and log analysis
- Creates and leads initiatives to improve detection engineering processes
- Leads improvement discussions with third-party vendors regarding security detection functions.
- Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security monitoring and threat analysis program
- Provides guidance and assistance to junior members of the team
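The detection engineering duties above (correlating threat data, writing detection rules and use cases, and tuning the SIEM to cut noise) are easier to picture with a concrete rule. The block below is an added illustration and is not code from the posting or from ARC Group or its client: a small Python correlation rule that flags a successful logon preceded by repeated failures from the same source inside a time window, enriches the hit against a threat-intelligence indicator set, and applies a tuning allowlist for an authorized scanner. All log lines, IP addresses, usernames, the indicator set, and the allowlist entry are constructed for the example; the rule name, window, and threshold are assumptions, not any SIEM's shipped content.

```python
"""Correlation rule with enrichment and tuning over constructed auth events.

Added example, not part of the job posting. Demonstrates:
  1. a correlation rule: >= MIN_FAILURES failed logons from one source,
     then a success from that source within WINDOW;
  2. enrichment: severity raised when the source is a known indicator;
  3. tuning: an allowlist that suppresses a known, authorized scanner
     so the rule stops paging on expected noise.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs (not real traffic). Format: ts src=.. user=.. outcome=..
SAMPLE_LOGS = [
    "2024-06-01T10:00:01Z src=203.0.113.7 user=alice outcome=failure",
    "2024-06-01T10:00:05Z src=203.0.113.7 user=alice outcome=failure",
    "2024-06-01T10:00:09Z src=203.0.113.7 user=alice outcome=failure",
    "2024-06-01T10:01:30Z src=203.0.113.7 user=alice outcome=success",
    "2024-06-01T10:02:00Z src=192.0.2.44 user=bob outcome=failure",
    "2024-06-01T10:02:10Z src=192.0.2.44 user=bob outcome=success",
    "2024-06-01T10:03:00Z src=198.51.100.9 user=svc-scan outcome=failure",
    "2024-06-01T10:03:01Z src=198.51.100.9 user=svc-scan outcome=failure",
    "2024-06-01T10:03:02Z src=198.51.100.9 user=svc-scan outcome=failure",
    "2024-06-01T10:03:03Z src=198.51.100.9 user=svc-scan outcome=failure",
    "2024-06-01T10:03:10Z src=198.51.100.9 user=svc-scan outcome=success",
    "2024-06-01T10:10:00Z src=203.0.113.200 user=carol outcome=failure",
    "2024-06-01T10:10:20Z src=203.0.113.200 user=carol outcome=failure",
    "2024-06-01T10:10:40Z src=203.0.113.200 user=carol outcome=failure",
    "2024-06-01T10:11:00Z src=203.0.113.200 user=carol outcome=success",
    # dave: three failures spread over 20 minutes, then success; only one
    # failure falls inside the 5-minute window, so the rule must not fire.
    "2024-06-01T10:40:00Z src=192.0.2.80 user=dave outcome=failure",
    "2024-06-01T10:50:00Z src=192.0.2.80 user=dave outcome=failure",
    "2024-06-01T11:00:00Z src=192.0.2.80 user=dave outcome=failure",
    "2024-06-01T11:02:00Z src=192.0.2.80 user=dave outcome=success",
]

# Constructed threat-intel indicators and tuning allowlist (assumptions).
INTEL_IPS = {"203.0.113.200"}
ALLOWLIST = {"198.51.100.9": "authorized internal vulnerability scanner (constructed entry)"}

# Hypothetical rule parameters; a real deployment would tune these per environment.
RULE_NAME = "auth.bruteforce_then_success"
WINDOW = timedelta(minutes=5)
MIN_FAILURES = 3


def parse_event(line):
    """Parse one 'ts key=value ...' line into a dict with a datetime 'ts'."""
    ts_text, rest = line.split(" ", 1)
    fields = dict(kv.split("=", 1) for kv in rest.split())
    fields["ts"] = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ")
    return fields


def correlate(events, window=WINDOW, min_failures=MIN_FAILURES):
    """Return one hit per source whose success follows >= min_failures failures in window."""
    failures = defaultdict(list)  # src -> timestamps of failed logons seen so far
    hits = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        src = ev["src"]
        if ev["outcome"] == "failure":
            failures[src].append(ev["ts"])
            continue
        if ev["outcome"] != "success":
            continue  # ignore outcomes the rule does not model
        cutoff = ev["ts"] - window
        in_window = [t for t in failures[src] if t >= cutoff]
        if len(in_window) >= min_failures:
            hits.append({"src": src, "user": ev["user"], "ts": ev["ts"],
                         "failures": len(in_window)})
        failures[src].clear()  # a success closes the episode for this source
    return hits


def enrich_and_tune(hits, intel_ips=INTEL_IPS, allowlist=ALLOWLIST):
    """Split hits into alerts (with severity) and suppressed hits (with reason)."""
    alerts, suppressed = [], []
    for hit in hits:
        if hit["src"] in allowlist:
            suppressed.append({**hit, "reason": allowlist[hit["src"]]})
            continue
        severity = "high" if hit["src"] in intel_ips else "medium"
        alerts.append({**hit, "rule": RULE_NAME, "severity": severity})
    return alerts, suppressed


def run_rule(lines=SAMPLE_LOGS, intel_ips=INTEL_IPS, allowlist=ALLOWLIST):
    """Full pipeline: parse -> correlate -> enrich/tune. Returns (alerts, suppressed)."""
    events = [parse_event(line) for line in lines]
    return enrich_and_tune(correlate(events), intel_ips, allowlist)


if __name__ == "__main__":
    alerts, suppressed = run_rule()
    for a in alerts:
        print(f"ALERT {a['severity']:6} {a['rule']} src={a['src']} user={a['user']} failures={a['failures']}")
    for s in suppressed:
        print(f"SUPPRESSED src={s['src']} user={s['user']}: {s['reason']}")
```

Running it with the constructed logs yields two alerts (alice's source at medium, carol's indicator-matched source at high), one suppressed hit for the scanner, and nothing for bob (below threshold) or dave (failures outside the window). Calling `run_rule(allowlist={})` shows the noise the tuning removes: the scanner becomes a third alert. Keeping suppressed hits visible rather than silently dropping them is the part worth copying: it lets the efficacy of each tuning change be measured instead of guessed.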
Required Work Experience
6+ years related work experience.
Required Qualifications
- Demonstrated proficiencies in emerging technologies.
- Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and/or threats
- Strong technical knowledge of security infrastructure, including firewalls, data loss prevention, encryption, and endpoint protection
- In-depth knowledge of threat analysis and detection concepts, principles, and impact
- Experience working with vendors and managing vendor performance and service level agreements
- Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
- Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
- Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
- Ability to manage tasks independently and take ownership of responsibilities
- Ability to learn from mistakes and apply constructive feedback to improve performance
- Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
- Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
- Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks
- Strong critical thinking skills, required to evaluate complex, multi-sourced security intelligence, analyze and confirm root cause, and independently identify mitigation alternatives and solutions that safeguard our technical environment.
Additional Preferred Qualifications (not Required)
- 3-5 years of detection engineering/SIEM Management experience
- Experience using Agile methodology
- Knowledge of SciPy or Machine Learning Toolkit
- Knowledge of threat intelligence lifecycle/processing of threat intelligence
- Familiarity with various control frameworks, including SOC 2, HITRUST, ARS, etc.
- Knowledge of database activity monitoring for SQL/NoSQL databases
Required Education
Related bachelor's degree in an IT-related field, or additional related equivalent work experience
Preferred Licenses And Certifications
- CISSP (Certified Information Systems Security Professional), CySA+, CISM, or similar
Would you like to know more about our new opportunity? For immediate consideration, please send your resume directly to John Burke at johnb@arcgonline.com or apply online while viewing all of our open positions at www.arcgonline.com.
ARC Group is a Forbes-ranked top 20 recruiting and executive search firm working with clients nationwide to recruit the highest-quality technical resources. We have achieved this by understanding both our candidates' and our clients' needs and goals and serving both with integrity and a shared desire to succeed.
At ARC Group, we are committed to providing equal employment opportunities and fostering an inclusive work environment. We encourage applications from all qualified individuals regardless of race, ethnicity, religion, gender identity, sexual orientation, age, disability, or any other protected status. If you require accommodations during the recruitment process, please let us know.
Position is offered with no fee to the candidate.