Security Analyst II

Job Profile Summary
Perform real-time monitoring and analysis of security events from multiple sources. Identify source or cause and provide recommendations for secure infrastructure through policy, practices, risk management, engineering, and improved operations. Responsible for adhering to company security policies and procedures and any other relevant policies and standards as directed.

• Requires working knowledge and experience in own job discipline and broadens capabilities
• Continues to build knowledge of the company, processes and customers
• Performs a range of assignments related to job discipline
• Uses prescribed guidelines or processes in analyzing situations
• Receives a moderate level of guidance and direction

Key Responsibilities • Other Incidental tasks related to the job, as necessary. • Monitor and analyze security events, including but not limited to NIDS, HIDS, firewall logs, and system logs (Windows and Unix) • Triage security events: assess the priority and determine risk • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security • Identify, modify, and manipulate applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files) • Conduct research, analysis, and correlation across all source data sets (indications and warnings) • Use the Cyber Kill Chain, current intelligence information, and investigative techniques to proactively review customers environments searching for anomalous behavior • Expand conceptual knowledge in own job discipline and broaden capabilities • Intermediate knowledge of Cybersecurity principles, threats, and vulnerabilities • Intermediate knowledge of incident response methodologies • Intermediate knowledge of cyber investigative techniques • Understanding and continued learning of current cyber threat trends • Intermediate knowledge of computer networking concepts and protocols, and network security methodologies • Intermediate knowledge of Intermediate physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, NICs, Data storage) • Intermediate knowledge of defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness). • Intermediate knowledge of virtualization and cloud computing • Intermediate knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files • Intermediate knowledge of networking protocols (e.g., TCP/IP), services (e.g., web, mail, Domain Name Server), and how they interact to provide network communications • Intermediate knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA]) • Requires expanded conceptual knowledge in own job discipline and broadens capabilities • Understands key business drivers; uses this understanding to accomplish own work
Skills • Intermediate system administration, network, and operating system hardening techniques • Intermediate skills in hacking methodologies in Windows or Unix/Linux environment • Demonstrated effective oral and written communication skills • Demonstrated effective problem solving & analytical skills • Team player, willing to work with others in sharing information to help increase overall team knowledge
Education • Required Bachelor's Degree in Computer Science, Management Information Systems, or a related technical field • At the Manager's discretion, 4 years of additional related experience may substitute for the degree requirement; if substitution allowed, regional equivalent to High School Diploma is required. Preferred • Degree focus on Cyber Security Certifications • Requires one of the following certifications: Sec+, GSEC, anExperience • Required • 2 - 4 years of experience in cyber security • Experience analyzing host and network-based logged events (i.e. firewall, IPS/IDS, Windows, Web, proxy, and mail filtering)

About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.  More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.