Senior Network Security Analyst - Houston, TX
Houston-based leading provider of on-demand compliance and security solutions is currently seeking a Network Security Analyst to join their already stellar team. Their threat, log, and IT compliance management solutions run as a software-as-as-service, and are cost effective, easily deployed, and easily maintained. Their customers can protect their networks and comply with policies and regulations with no maintenance needed on their part as our client delivers professional services "in-cloud," without the need to work onsite to deploy, configure, tune, maintain or upgrade. They pride themselves on offering efficient, no-hassle, reliable network security and compliance solutions and continually exceeding customer expectations.
Our client offers an exceptional company culture with a group that works hard and has fun. They are looking for someone with a passion for technology, a drive for continual learning, and the love of solving problems.
• Work in the Global Security Operations Center as the highest level of support.
• Manage security incidents through to completion including containment, forensics and remediation.
• Take SOC incoming customer phone calls that have been escalated from junior security analysts as the final point of resolution. Work as the highest point of customer support and go-to person for security/compliance issues that require more intensive investigation.
• Mentor and help provide direction to lower level analysts in providing real-time security monitoring and incident reporting of the customer’s network and IT infrastructure.
• Review Shift Reports from junior analysts including hourly status checks of clients’ monitoring tools and IDS/IPS reporting.
• Contribute to the development and implementation of monitoring, incident response, and overall SOC processes and procedures.
• Maintain visibility of network sensors and capabilities through regular review of system status tools.
• Recommend means for strengthening the overall control environment.
• Investigate incidents and collect/preserve evidence as needed.
• Collaborate with junior analysts and all areas of customers’ IT group in responding to security events.
• Conduct after-action reviews of security incidents.
• Other duties as assigned.
• Two years minimum of experience in security event/alert monitoring employed in a SOC, CSIRT, or on a Security Response Team.
• Understanding of host/network common vulnerabilities and exploits (CVEs), hacker methodologies and tactics, host/network device hardening techniques, penetration testing, and security incident prevention/mitigation techniques.
• Understanding of and experienced in the use of Trace Route, Ethereal, packet captures, TCPDumps, and the use and function of other commonly used security tools.
• Understanding of the TCP/IP protocol suite, TCP/IP headers and packets, the OSI model, and commonly used TCP/UDP ports and associated services.
• Strong understanding of and experience with monitoring and analysis of Firewall logs, and network/host-based Intrusion Detection/ Prevention systems (IDS/IPS).
• An understanding of network engineering and local and wide area (LAN/WAN) technologies and routing protocols, switching, etc.
• Strong command of Linux systems administration and familiarity working with Cisco switches, routers, and PIX.
• Knowledge of post-incident reviews and follow-up procedures,
• Knowledgeable of computer security threats, and how they impact confidentiality, integrity, and availability of this company's data,
• Knowledge of the requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, and quality and completeness of evidence.
• Good problem identification, troubleshooting, triage, and containment skills.
• Must have one or more certifications such as CISSP, CISA, GIAC, GSEC, EnCE.
• GCIA certification preferred (must obtain within 6 months of hire)
Please send resumes/inquiries to firstname.lastname@example.org.