Velocity Staff, Inc. is working with our client in Savannah, GA to identify a Associate Level Cyber Intrusion Analyst. This role will require 3rd shift and weekend hours. The right candidate will work with leadership to provide frontline security monitoring, analysis, investigations and incident response. The analyst will perform monitoring and analysis of security systems data from multiple security systems.
1. The analyst will perform monitoring and analysis of security systems data from multiple security components including firewalls, IPS, VPN, web filtering, SIEM systems, host based intrusion detection, email filtering etc. Monitor Intrusion Detection systems (IDS) Analyze security data to effectively detect intrusions & attempted intrusions and to initiate and engage the proper resources to mitigate the risk and validating (IDS) alerts.
2. Collecting and analyzing investigative information and data (e.g. internet history information, system logs, network traffic activity, encrypted or erased data) to identify signs or sources of compromise, poor security practices and unauthorized activities.
3. Enforcing procedures for preventing web abuse; guiding the administration of security tools that monitor web security. Conducting preliminary security investigations related to employee abuse of security policies.
4. Examining and analyzing network traffic, related applications and operating systems to identify potential threats, anomalous or malicious activities to network resources
5. Conducts preliminary forensic collections of electronic evidence including information system and network devices for legal, human resources, ethics, and information security.
6. Support of customers with security and general technology needs.
1. Able to be on call for incidents and problems; also able to work different shifts.
2. Able to travel as needed.
3. Proficient in the use of incident response and forensics tools such as FTK, Encase, and Cellebrite. Perform other duties as assigned.
1. Must have an understanding of cyber forensics, networking, and information security technologies and be able to demonstrate outside-the-box thinking and continuous learning.
2. Experience with the following operating systems: Windows, OSX, IOS, Linux or UNIX.
3. Security Certification such as CISSP, CEH, ACE, EnCE, CCE, Security+ etc. is a plus.
NOTE: A credit history check from a national credit bureau will be conducted for all candidates for this position including new hires and current employees seeking promotion or transfer.