Language Language

English English español español

E Recruit E Recruit


   Back to Results

Job Title:

Information Security Threat Hunter / Analyst - Littleton, CO

Job Description:

Information Security Threat Hunter / Analyst 

We are currently seeking a seasoned Information Security Threat Hunter / Analyst for a 12+month contractual opportunity with our client in Littleton, CO. The Analyst’s primary function is to identify and prioritize potential threats and identify trends. You will configure security solutions to identify threats; perform incident response, issue resolution, and assessment or communication of security risk to the enterprise and provide support by monitoring real-time security alerts, identifying and prioritizing potential threats. You will lead security incident investigations, complete and deliver complex security reports to management in business terms and analyze available data sources, security tools, and threat trends and lead security monitoring and analysis techniques to identify attacks against the enterprise. Additionally, you will create correlations and other logic to identify attackers and defend the network against advanced attacks, and hunt for and identify threat actor groups and their techniques, tools and processes Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses, provide expert analytic investigative support of large scale and complex security incidents, and perform Root Cause Analysis of security incidents for further enhancement of alert catalog. 

Shift Responsibilities:

The Security Threat Hunter/Analyst is responsible for the following shift duties: 

  • Daily Traffic Review - replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.
  • Report Run Verification - ensure customer reports run as scheduled
  • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
  • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
  • Handle Tier 2 event incident response, case management, and customer notification
  • Ensure security devices contain up-to-date signatures libraries
  • Assist with engineering tasks as necessary
  • Train SOC Level 1 Analysts on new attack signatures and attack methodologies
  • Providing process and operational improvement suggestions
  • Review and update documentation (such as SOPs and TTPs)
  • Complete vendor training as requested by Management
  • Subscribe to and review security mailing lists such as ISC SANS (isc.sans.edu)
  • View the Internet Storm Center on a daily basis for up-to-date news on recent Internet activity of note (http://isc.incidents.org)
  • Daily Case Management - the Security Analyst will review open cases and provide follow up that may be required 

Qualifications:

  • U.S. Based
  • 5+ years of Information Security experience
  • 5+ years Firewall management and rules analysis
  • 2-4 years of systems analysis
  • 2-3 years of working experience as a Managed Security Service Provider Tier-1/2 Analyst/Operator (Preferred)
  • 3-4 years of SOC or NOSC Analyst working experience
  • Threat Intelligence or Forensic background is a plus
  • Working knowledge of Linux and syslog from CLI
  • Proven ability and past experience performing moderately complex security analysis for information technology is required
  • Excellent writing and communications skills
  • Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
  • Ability to work in a dynamic team-centered environment 

Education Preferred:

BS Degree in Computer Information Systems or related field 

Industry Certifications:

Tier 3 Analysts should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:

  • Certified Information Systems Security Professional (CISSP)
  • Information Systems Security Engineering Professional (CISSP-ISSEP)
  • Systems Security Certified Practitioner (SSCP)
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • Certified Security Analyst (ECSA)
  • Certified Incident Handler (ECIH)
  • CompTIA Cybersecurity Analyst (CSA+)
  • Information Technology Infrastructure Library (ITIL)
  • Cisco CCNA
  • Cisco CCNP + Security
  • GSEC
  • GCIH
  • GCIA
  • MCSE
  • Linux+

 

 


 

Job ID:
346494

Dept ID:
10600

Location:
Littleton, CO
United States of America

Industry:
Online / Full App

Job Type:
Temp Position
Folder Group ID
258

Posted Date:11/9/2018

Domain:arna

Apply for this Position

Job Title: Information Security Threat Hunter / Analyst

Location: Littleton, CO

Job Type: Temp Position

Reference ID: 346494

Posted Date: 11/9/2018

Thank you for your interest in Advantage Resourcing. You have responded that you are not 18 years of age or older. It is Advantage Resourcings policy to hire individuals who are 18 years of age or older. We invite you to reapply when you meet this requirement. If you have questions or concerns about this policy please email recruiting@advantageresourcing.com

Thank you for your interest in Advantage Resourcing. You have responded that you are not authorized to work in the US. Advantage Resourcing adheres to Department of Homeland Security regulations regarding employment of individuals authorized to work in the US. Should you require sponsorship or have questions about these regulations, please contact recruiting@advantageresourcing.com


Please Choose One:
Valid Resume Formats: (.doc .docx .pdf .rtf .txt only)

 

No Resume?

Please enter the following fields in the absence of a Resume

Invitation to Self-Identify

Advantage Resourcing is committed to equality of opportunity for all staff and job applicants. We acknowledge the unique contribution that all individuals can make and we aim to create a working environment in which all individuals are able to make use of their skills, free from discrimination or harassment, and in which all decisions are based on merit. This form is intended to help us maintain equal opportunities best practice and identify barriers to workforce equality and diversity.

The information on this form will be used for monitoring purposes only and will not be used in any decision affecting you. The information you provide will remain anonymous and will be stored separate to any job application. You are not obliged to answer any of these questions but the more information you supply, the more effective our monitoring will be. All information supplied will be treated anonymously.


Voluntary Self-Identification of Disability
Form CC-305 - OMB Control Number 1250-0005
Expires 1/31/2020

Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities.i To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability. Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way

If you already work for us, your answer will not be used against you in any way. Because a person maybecome disabled at any time, we are required to ask all of our employees to update their information every fiveyears. You may voluntarily self-identify as having a disability on this form without fear of any punishmentbecause you did not identify as having a disability earlier.

How do I know if I have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

Blindness , Autism , Bipolar disorder , Post-traumatic stress disorder (PTSD) , Deafness , Cerebral palsy, Major depression , Obsessive compulsive disorder , Cancer , HIV/AIDS , Multiple sclerosis (MS) , Impairments requiring the use of a wheelchair , Diabetes , Schizophrenia , Muscular dystrophy , Epilepsy , Missing limbs or partially missing limbs , Intellectual disability (previously called mental retardation)

Reasonable Accommodation Notice

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Submit Application