The Security Analyst is responsible for configuring and utilizing Security Information and Event Management tools, specifically to provide Compliance Reporting, Alerting and Incident Analysis. The Security Analyst is an architect / implementer of security solutions and works with other engineers and product-focused personnel to provide the best possible solution for the client. This position requires solid security skills, particularly with Tenable and Cisco products and solutions or comparable SIEM solutions. Emphasis is placed on the ability to thoroughly understand client needs in a comprehensive fashion and to make sound recommendations. The SA will have responsibility for writing technical reports and documenting findings as evidence for reporting and Incident Response as required.
- Consults with clients to effectively understand technical requirements and translate to a solution
- Works in a team environment with account managers and product specialists to effectively develop solution designs and statements of work
- Able to decipher Security Events and Event correlation using Tenable Security Center and ELSA/Elastic Search tools or similar tools
- Must follow current compliance procedures, assure clear and accurate documentation, and develop or implement more efficient tools and procedures to ensure compliance.
- Good organizational skills to maintain documentation and evidence gathering for reporting and Incident analysis
- Configure and Utilize Tenable Security Center for compliance reporting and alerting.
- Configure and manage components of Tenable SC, such as PVS and LCE.
- Solid understanding of TCP/IP protocol and associated ports and services and Cisco network and firewall Access Control Lists and configurations
- Work with Tenable support to resolve any issues that may arise
- Thorough knowledge of Linux operating systems to upgrade, manage and install operating system and applications, such as Tenable
- Working knowledge of agent software such as OSSEC to support host logging agents.
- Develop scripts on Linux platforms to support Cybersecurity Vulnerability Assessments (CVA) as well as aid in auditing of security controls
- Must be confident in asking questions and bringing attention to concerns that may arise.
- Participation in on-call with other members of the team to support Incident Response for the customer.
- BS in Computer Science or other Information Technology discipline or have the equivalent in experience
- Minimum of 5 years of experience in Security related disciplines, supporting a compliance environment
- Experience working with Tenable Security Center or other SIEM solutions generating reports, configuring alerts and performing Incident Response investigations
- Experience with Cisco products and solutions
- Must be able to obtain and maintain security clearances for customers
- Must be able to drive and travel overnight to support customer
- Experience and certification, specifically with Tenable Security Center
- Experience with installing, upgrading and managing Linux Operating Systems
- Prior experience working in a compliance regulated industry
- Excellent organizational skills