Cyber Security Analyst
San Antonio, TX, United States
Applications have closed
Bridgehead IT
Bridgehead IT is a top IT firm providing end-to-end, customized technology services tailored to businesses of all sizes and industries.Company Description
Established in 1999, what is now known as Bridgehead IT, offers customized, end-to-end technology services that support businesses of all sizes. We’re different because we take a holistic approach to the technology needs of our clients and empower our staff to become leaders in their fields.
Our services are engineered to meet the specific objectives of each client. That starts with having the right people, who are experts in their field to develop solutions that support our clients. Our 24/7 operations, leading edge tools, and on-staff team of 75+ expert technicians who are specialists in their field offer scalable resources to meet your business needs.
Job Description
Position Summary:
Cyber security analysts are responsible for managing, monitoring, troubleshooting, and protecting the security of the internal environment and that of our customers in real time. The Cyber Security Analyst is tasked with providing technical expertise in all areas of network, system, and application security. In this position the Cyber Security Analyst must effectively correlate and analyze security events within the context of a client’s unique environment to proactively detect threats and mitigate attacks before they occur. This role will respond to events according to documented procedures and industry best practices. The responsibilities for this position must extend to leading multiple security incident investigations at once. The Analyst must report all possible security incidents, potential breaches, attacks, threats, and evidence of compromise.
Key Responsibilities:
• Perform initial analysis of security events and network traffic.
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Protects systems by implementing defined access privileges, control structures, and resources.
• Completing written reports in compliance with current reporting procedures and policies.
• Ability to interact with and lead discussions with business executives across different functions and lines of business.
• Effectively communicates investigative findings to non-technical audiences.
• Incident response and conducting investigations as events happen through analyzing logs from various sources.
• Ensuring the security technology provided by the organization is performing to optimal standards with customers.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data.
• Maintain an awareness of industry challenges and advancements to add value to existing technologies and processes used within the team.
• Maintain knowledge of industry trends and current security practices by attending educational workshops and reviewing relevant publications on a regular basis.
• Effectively apply information security theories and concepts to specific circumstances.
• Recognizes problems by identifying abnormalities/reporting violations.
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Determines security violations and inefficiencies by assisting with periodic audits.
• Upgrades systems by implementing and maintaining security controls.
• Keeps users informed by preparing performance reports and communicating system status.
• Maintains quality service by following organization standards.
• Assists with incident response and remediation.
• Effectively track time spent and keep accurate notes for work performed.
• Performs other related duties as assigned.
Qualifications
Skills and Qualifications:
• Ability to work independently and with a team.
• Ability to Write detailed, concise, and accurate reports.
• Working knowledge of cybersecurity monitoring tools
• Working knowledge of security incident and event monitoring (SIEM)
• Working knowledge of end-point security tools
• Incident response and investigations experience.
• Vulnerability assessments and conducting relevant incident response.
Education and Experience:
• Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience.
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Azure Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk, etc)
• Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS)
• Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.
• Experience with Office 365 and Azure with a heavy focus in security-based functions and best practices.
Additional Information
Bridgehead IT is proud to be an equal opportunity workplace and is an affirmative action employer.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Application security ArcSight Audits Azure Compliance Computer Science Forensics Incident response iOS Monitoring QRadar RSA SIEM Snort Splunk TCP/IP UNIX VMware Windows
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs