IT Security Analyst

PLEASE NOTE --- THIS IS NOT a REMOTE role. We DO NOT offer to Sponsor visa's. The Cybersecurity Analyst is responsible for monitoring, documenting, and supporting the cybersecurity posture of MetroNational’s information technology systems. This role involves reviewing alerts, assisting in the maintenance of cybersecurity configurations, assessing weaknesses, vulnerabilities and escalating potential vulnerabilities or incidents to senior team members. The Cybersecurity Analyst also contributes to the documentation of cybersecurity events and helps ensure compliance with established cybersecurity policies and procedures. This role uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities Aid in the protection of the company's network and sensitive information using cyber defense tools for continual monitoring and analysis of systems to identify malicious activity Identify cyber threat tactics and methods Identify and correct gaps in the company’s cybersecurity posture Test information systems for vulnerabilities Document and escalating incidents Analyze network alerts from various sources within the enterprise and determine possible causes of such alerts Identify and analyze anomalies in network traffic or log data Monitor risks and implement cybersecurity systems to prevent attacks or breaches Respond to urgent cybersecurity events and incidents Review events and incidents to understand root causes Monitor reputation for hostile content directed toward organizational or partner interests Recommend procedures or changes necessary for good cyber hygiene Improve overall cybersecurity posture of the organization’s systems Determine operational and safety impacts of cybersecurity lapses Prepare threat and target briefings and situational updates Monitor threat activities and prepare threat activity reports Manage and report on adversarial activities

EDUCATION AND REQUIRED EXPERIENCE

A degree in business or technology is preferred (associate’s or bachelor’s) 3-5 years of experience in IT security Experience with intrusion detection (IDS) and intrusion prevention (IPS) systems preferred Basic scripting (Python, PowerShell, Bash) Experience with vulnerability management Experience with network packet analysis Experience with log analysis and log management Experience with Cloud Security Management interfaces Experience with enterprise authentication systems, such as directory services or identity management platforms Experience with incident handling and response preferred Strong working knowledge of Microsoft 365 tenant administrative interfaces Working knowledge of core cybersecurity concepts such as the CIA triad, encryption algorithms, and risk management processes Working knowledge of computer networking protocols including how traffic flows across a network Working knowledge of cybersecurity laws and regulations Working knowledge of cybersecurity threats, threat characteristics, and vulnerabilities, and threat hunting Ability to prioritize security requests according to urgency and established criteria Ability to organize information and alerts from multiple sources to create a holistic picture of cybersecurity threats General understanding of security frameworks (NIST, MITRE Attack) preferred Familiarity with the variations between IT and OT network environments Familiarity with adversarial TTPs Experience working on project teams and project management preferred

SKILLS, QUALIFICATIONS, AND OTHER REQUIREMENTS

Excellent communication (written, verbal and listening) and interpersonal skills Superior organizational skills and attention to detail Proven ability to deliver high-quality customer service Ability to triage and prioritize security related data quickly Ability to respond after hours and weekends as needed

PHYSICAL DEMANDS

Requires sufficient personal mobility and physical reflexes, to permit the employee to function in a general office environment and accomplish tasks and duties as outlined above.

WORK ENVIRONMENT

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually quiet. #J-18808-Ljbffr MetroNational