DirectDefense Security Analyst in Denver, Colorado
DirectDefense has an immediate opening on our Security Operations team. This is an elite team of Security Analysts who do not merely monitor for attacks and malware; they actively and aggressively hunt for evidence of compromise within our clients' environments. As a Security Analyst, you will be part of a revolution in managed security. You will work with brilliant people to spot, track, and eradicate hackers and malware. You will also be on the ground floor of building a next-generation Security Operations Center.
Responsibilities:
• Monitor and analyze logs and alerts from a variety of technologies (IDS/IPS, firewalls, proxies, anti-virus, SIEM, etc.) across multiple platforms
• Assess the security impact of security alerts and traffic anomalies on client networks
• Create comprehensive security write-ups that articulate security issues, analysis, and remediation techniques
• Escalate and explain security incidents
• Maintain a strong awareness and understanding of the current threat landscape
• Conduct research on emerging security threats
• Monitor information security alerts through the SIEM, and respond, triage, and escalate as needed
• Review and respond to security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, and discern false positives
• Perform day-to-day security log review and analysis in adherence with SOX and PCI requirements, as well as industry security best practices
• Perform technical analysis of network activity by monitoring and evaluating network flow data
• Report, escalate, and remediate anomalous events based on the established protocol
• Participate in root cause analysis of critical events to improve preventative and reactive processes
• Work with senior leadership to tune and maintain the SIEM (Security Information and Event Management) as needed; develop SIEM use cases to enhance monitoring capabilities
• Gather and respond to all assessment/audit requests for information
Requirements:
• 1 – 3 years of IT experience, preferably in IT security and/or network infrastructure
• Strong working knowledge of reviewing IDS, firewall, and other security logs
• Experience monitoring Security Information and Event Management (SIEM) solutions and analyzing SIEM data
• Familiarity with various network- and host-based security applications and tools, such as network and host assessment/scanning tools, network- and host-based intrusion detection systems, and other security software packages
• Understanding of anti-virus solutions, intrusion detection/prevention systems, firewalls, vulnerability assessment tools, web proxies, and Active Directory
• Well versed in network protocols
• Well versed in the latest attacks, vulnerabilities, and trends in cybersecurity
• Excellent communication skills, with the ability to provide the appropriate level of detail (verbal and written) to both technical and non-technical personnel
Compensation:
• $76,387 – $99,304
Benefits we offer:
• Full health, dental, and vision plans
• 401(k)
• Short- and long-term disability
• Life insurance
• 2 weeks PTO