Security Analyst - Project Lead - 26-06745

Job Description

Job Description

Security Analyst – Project Lead

Location: Clinton, SC
Duration: 12 Months

Key Responsibilities

• Monitor and analyze security events across SIEM, EDR, IDS/IPS, and threat intelligence platforms to identify potential threats and security incidents.
• Conduct detailed investigations of suspicious activities, determine root cause and business impact, and escalate critical incidents when necessary.
• Prepare incident reports, timelines, post-incident analyses, and recommendations for remediation and prevention.
• Investigate phishing attempts, malware infections, and policy violations while providing guidance on containment and recovery efforts.
• Enhance SOC operations by recommending improvements to detection rules, alert thresholds, playbooks, and workflows.
• Collaborate with engineering teams to optimize monitoring tools, integrate threat intelligence feeds, and conduct proactive threat hunting activities.
• Serve as a subject matter expert for security operations and support stakeholder engagement.
• Maintain documentation, runbooks, standard operating procedures, and troubleshooting guides.
• Coordinate with security, engineering, and operational teams to support organizational objectives.
• Perform additional duties as assigned.

• Associate degree in Information Technology, Information Security, or a related field.
• Four years of relevant professional experience may be substituted for the degree requirement.
• Minimum 2 years of experience in Security Monitoring and Incident Response.
• Minimum 2 years of experience utilizing the MITRE ATT&CK framework.
• Minimum 2 years of experience creating security dashboards and operational reports.
• Strong analytical, investigative, and problem-solving skills.
• Excellent written and verbal communication abilities.

• Experience with Palo Alto Cortex XSIAM/XDR.
• Knowledge of Linux systems, network administration, and network architecture.
• Experience administering firewalls, VPN technologies, Active Directory, and Intrusion Detection/Prevention Systems (IDS/IPS).
• Experience with threat hunting and advanced cybersecurity operations.
• Local candidates from South Carolina preferred.

• CISSP, CISA, CISM, or equivalent advanced cybersecurity certification.
• CEH, OSCP, GPEN, or other relevant security certifications.
• Vendor-specific cybersecurity certifications.

• Security Information and Event Management (SIEM)
• Endpoint Detection and Response (EDR)
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Threat Intelligence Platforms
• MITRE ATT&CK Framework
• Incident Response & Threat Hunting
• Dashboard Development & Security Reporting
• Active Directory
• Firewalls & VPN Technologies
• Linux Administration

For more details reach at View email address on ziprecruiter.com