Cyber Security Analyst
Sterling, VA Office, Sterling, VA, US
ORBCOMM
ORBCOMM delivers pioneering industrial IoT technology that boosts productivity, streamlines operations and builds sustainability.
A little bit about the role:
ORBCOMM is seeking a Cyber Security Analyst to join our Information Technology team. This role will report to the Director, Cyber Security.
Responsibilities:
- Assist in configuration of security log ingest, create actionable/high fidelity alerts, work with the cyber security operations engineer to develop automation, assess our ability to detect, monitor, prevent, and recover from attacks.
- Participate in the day-to-day security operations, monitoring, and incident response from the Security Operations Center.
- Lead, perform, review, investigate, and track computer security events/incidents to resolution.
- Evaluate, respond, and resolve alerts that originate from the SIEM, IDS/IPS, EDR/NGAV, Web Application and API Firewalls (WAFs/WAAPs), Network Firewalls, and other security sourced alerts.
- Understand security technologies such as Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Network and Host-level Firewalls, Network and Host Intrusion Prevention Systems (N/HIPS) etc., to capture relevant security sourced event data into the SIEM.
- Lead in monitoring and analyzing alerts in the Sumo Logic Cloud SIEM Enterprise (CSE).
- Perform vulnerability assessments on cloud infrastructure servers and devices, workstations, laptops, on-premises servers and devices, and applications.
- Assist in prioritizing remediation and mitigation activities using risk criteria such as CVSS, Tenable VPR exposure, and asset criticality.
- Compile, deliver, and track vulnerability reports/metrics to appropriate team members.
- Actively perform threat hunting for malicious activities using different security tools to identify threat vectors for remediation.
- Ensure all pertinent information/artifacts are obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment.
- Block malicious domains, URLs, IP addresses, and/or MD5 file hashes, where applicable and in accordance with the company's standards.
- Develop Security Operation Procedures (SOPs) and Standards, to include hardening guidelines for the different web applications, operating systems, databases, and other products.
- Regularly collaborate with the Cyber Security Operations Engineer to tune security tools and capabilities against false positives for optimum performance.
- Develop follow-up action plans to resolve reportable issues and communicate with other security colleagues to address security threats and incidents.
- Engage with other internal and external parties to get and share information to improve processes and security posture.
- Help develop and conduct security risk assessments, develop risk reporting, and track metrics.
- Update the Publicly Exposed Servers (PES) spreadsheet.
Desired Qualifications and Experience:
- 2-4 years of Information Technology experience, preferably in Information/Cyber Security.
- Bachelor’s degree in Information Security, Computer Science, Information Technology, related field, or equivalent work experience.
- Familiar with the incident response lifecycle.
- 1+ years of hands-on experience preferred in any one of the following areas: security operations, incident response, network security operations, network/host intrusion detection, threat response.
- Experience analyzing system and application logs to troubleshoot operational issues or investigate security issues.
- Experience creating metrics and reports.
- Preferred knowledge of enterprise detection technologies and processes (IDS/IPS, Network Packet Analysis, Endpoint Protection, SIEM).
- Preferred knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
- Currently holding or working toward security certifications, or attending security courses, is preferred.
- Experience communicating with management and partner teams clearly and effectively in a professional setting.
- Strong verbal and written communication skills.
- Basic understanding of scripting and programming languages such as PowerShell, Python, SQL, Java, etc.
About ORBCOMM Inc.
ORBCOMM is a pioneer in IoT technology, empowering customers with insight to make data-driven decisions that help them optimize their operations, maximize profitability, and build a more sustainable future. With 30 years of experience and the most comprehensive solution portfolio in the industry, ORBCOMM enables the management of over a million assets worldwide for a diverse customer base spanning transportation, supply chain, heavy equipment, maritime, natural resources, and government. For more information about how ORBCOMM is driving the evolution of industry through the power of data, visit www.orbcomm.com.
Interested?
At ORBCOMM, we believe that our people are our strength. Our success stems from our ability to attract and retain the best people who deliver a high level of performance and skill.
If you are looking for a significant career opportunity and the chance to work for an established, successful, and high growth company, ORBCOMM is the ideal place for you.
We are committed to employment equity. ORBCOMM would like to thank all applicants in advance and advise them that only candidates selected for an interview will be contacted.
ORBCOMM is committed to providing accommodations for persons with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process.