Cyber Security Analyst - Verizon Richardson, TX, United States Bookmark Share Print 177 1 3

Listing Description

As a member of Network Security Services, the Network Security Operations Center (NSOC) Cyber Security Analyst monitors and analyzes the output from security monitoring and scanning devices and takes or recommends actions for the detection and remediation of system compromises. The Analyst is the front-line member of the Network Security Operations Center (NSOC) team. The Analyst conducts proactive computer network defense operations based on established NSOC procedures. The Analyst ensures compliance with Verizon policies, technical standards, and industry best practices. The Analyst provides guidance to systems administrators to implement corrective actions to mitigate risk.

A primary responsibility is security event monitoring of the Verizon Wireline networks and systems. The Analyst must work effectively with technical staff members in other groups to resolve security events. The Analyst will perform Tier 1 response and investigations using established NSOC procedures and escalate issues which cannot be resolved to the Tier 2 Response team. The Analyst will work within a Security Information and Event Management (SIEM) platform to identify anomalies, malware, exploit attempts and other attacks on Verizon Wireline network infrastructure and data. Provide feedback to improve the accuracy of automated detection rules. This analyst is a skilled security professional, who possesses experience in identifying, documenting, mitigating today’s security threats landscape. The Analyst must have demonstrable knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/UNIX), and web technologies (Internet security). The Analyst must possess ability to understand and cross-reference system log data, user authentication events, security event logs, syslog, NetFlow data, DHCP logs, DNS logs, web browser and proxy logs, packet captures and firewall events.

The Analyst will also be called upon to support periodic audits and compliance reviews to identify systems and networks which present a risk to Verizon. Analysts must be able to examine data from automated internal and third-party security scans and penetration tests, to confirm or deny the initial reports. Analysts must be able to identify instances where automated tools have provided conflicting or incorrect information, and continue research to reveal the true state of the systems and networks. Support Network Security Services intra-organizational collaboration to support security operation capabilities and collaboration efforts across functional teams. Support process improvements by documenting variances in tactical response procedures. Develop and maintain proficiency and accuracy in monitoring, response, and reporting through tactical cyber incident monitoring.Analyst must be able to:

•Multi-task while working with a sense of urgency to resolve or escalate issues with established guidelines and prioritize work according to risk;

•Work in a highly collaborative environment, sharing findings and incorporating feedback from management and peers in order to better understand and respond to threats.

You’ll need to have:

•Bachelor’s Degree or four or more years of work experience.

•Four or more years of relevant work experience.

•Analysts must possess an enthusiasm for information security and the ability to learn new threats independently.

•Knowledge of desktop and server based computing systems such as Windows and UNIX.

•A working level knowledge of networking principles and advanced troubleshooting techniques.

•Strong communication skills are required with the ability to engage with system and network administrators and users.

•Be self-motivated in following up on issues.

•Work a variety of shifts within a 24/7 Network Security Operations Center environment and the ability to excel in high pressure environments.

•Traditional network monitoring experience is required with packet/protocol analysis and hands-on system or network administrative experience with major operating systems.

•Scripting language skills and Splunk searching and regular expression creation experience to support dynamic security event analysis.

•Perform operational reporting and logging processes and procedures for NSOC situational awareness reports and messaging high visibility incident alerts and elevated threat conditions across the Wireline network.

•Configuration of operating systems to include: security controls, malware remediation, and desktop/server technical support. Experience with different host based protections, email gateways and proxy technologies highly preferred. Familiarity with forensic analysis and big data concepts is desired.

Even better if you have:

•Security certifications such as: GMON, GCIH, GCFE, GCFA, CEH, GCIA and Network/Security+ or similar.