Cyber Intrusion Analyst I
Savannah, GA, US
Gulfstream Aerospace
Cyber Intrusion Analyst I in GAC Savannah
Unique Skills:
*This position is open to 1st, 2nd, and 3rd shift*
The following attributes are all important and experience and/or working knowledge will be a plus.
Experience in other fields will be considered if skills are transferable.
Looking for a seasoned cyber security professional who remains current on the evolving cyber security environment and technologies.
Experience with UEBA, EDR, XDR, DLP, SIEM and SOAR concepts/technologies
Deep understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
Experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework. Threat Hunting
Strong analytical and troubleshooting skills
Experience with vulnerability management tools and /or programs
Experience with reverse engineering malware
Experience in the area of Cloud Security - CCSP or CCSK a plus
Experience securing MS AD/Azure environments
Experience in the digital forensics field
Experience in Networking and/or Firewalls a plus
Willing and capable of training team members
Python programming
(These positions include shift work required to cover 24x7 Security Operations, Position is on site with possibility of some hybrid remote work, but primary location is on site)
Education and Experience Requirements
Bachelor's Degree or equivalent combination of education and experience to successfully perform the essential functions of the job. Degree in information security, Computer Sciences or Technology related field preferred. . Position Purpose:Under supervision, the Cyber Intrusion Analyst I will provide frontline security monitoring, analysis, investigations and incident response. The analyst will perform monitoring and analysis of security systems data from multiple security systems.Job Description
Principle Duties and Responsibilities:Essential Functions:- The analyst will perform monitoring and analysis of security systems data from multiple security components including firewalls, IPS, VPN, web filtering, SIEM systems, host based intrusion detection, email filtering etc. Monitor Intrusion Detection systems (IDS) Analyze security data to effectively detect intrusions & attempted intrusions and to initiate and engage the proper resources to mitigate the risk and validating (IDS) alerts.
- Collecting and analyzing investigative information and data (e.g. internet history information, system logs, network traffic activity, encrypted or erased data) to identify signs or sources of compromise, poor security practices and unauthorized activities.
- Enforcing procedures for preventing web abuse; guiding the administration of security tools that monitor web security. Conducting preliminary security investigations related to employee abuse of security policies.
- Examining and analyzing network traffic, related applications and operating systems to identify potential threats, anomalous or malicious activities to network resources .
- Conducts preliminary forensic collections of electronic evidence including information system and network devices for legal, human resources, ethics, and information security.
- Support of customers with security and general technology needs.
- Able to be on call for incidents and problems; also able to work different shifts. .
- Able to travel as needed. .
- Proficient in the use of incident response and forensics tools such as FTK, Encase, and Cellebrite. .
- Must have an understanding of cyber forensics, networking, and information security technologies and be able to demonstrate outside-the-box thinking and continuous learning.
- Experience with the following operating systems: Windows, OSX, IOS, Linux or UNIX.
- Security Certification such as CISSP, CEH, ACE, EnCE, CCE, Security+ etc. is a plus.
Additional Information
Requisition Number: 220992
Category: Information Systems
Percentage of Travel: Up to 25%
Shift: First
Employment Type: Full-time
Posting End Date: 07/26/2024
Equal Opportunity Employer/Veterans/Disabled.
Gulfstream does not provide work visa sponsorship for this position, unless the applicant is a currently sponsored Gulfstream employee.
Legal Information | Site Utilities | Contacts | Sitemap
Copyright © 2024 Gulfstream Aerospace Corporation. All Rights Reserved. A General Dynamics Company.
Gulfstream Aerospace Corporation, a wholly-owned subsidiary of General Dynamics (NYSE: GD), designs, develops, manufactures, markets, services and supports the world's most technologically-advanced business jet aircraft
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Azure CCSK CCSP CEH CISSP Cloud Cyber Kill Chain EDR EnCase EnCE Firewalls Forensics IDS Incident response Intrusion detection iOS IPS Linux Malware MITRE ATT&CK Monitoring Python Reverse engineering SIEM SOAR TTPs UNIX VPN Vulnerability management Windows XDR
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Security Consultant jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open DevSecOps-related jobs