Security Analyst II
REMOTE (McLean, VA or Indianapolis, IN candidates preferred)Schedule: 3:00 pm - 1:00 am ET4x10 Shift (Wednesday - Saturday)** shift work and holiday work are required as part of a 24/7/365 SOC **
About the Role:
As a Security Analyst II, you will be responsible for supporting the 24/7/365 Security Operations Center (SOC). You will serve as the escalation point for the Security Analysts (Tier 1) and provide backup, when required, answering incoming calls, and internal and external emails.Your priority is to monitor, detect and respond to customer alerts received by various log and network sources within the Endpoint, Detection and Response (EDR) solutions. You will also be reviewing vulnerability reports and assessments.
Responsibilities:
- Review internal tickets and assign according to designed workflows
- Analyze intrusions, detect incidents, and assist in response
- Seek out attacker presence on client’s networks and logs with advanced threat hunting
- Identify attack vectors, threat tactics and attacker techniques
- Proactively engage with clients to understand their security needs and wants
- Regularly assist with reviews and provide reports on observed threats
- Research new threats to enterprise environments
- Assist Senior Security Analysts as directed by leadership to participate in hunt activities and intelligence actions
- Work with the team to resolve issues, tweak current processes, and develop/improve existing work instructions
- Analyze Indicator of Compromises (IOCs) and work with the team to develop countermeasures
- Create, update, and participate in crafting playbook responses, and other Standard Operating Procedure (SOP) documentation.
Technologies:
- Demonstrated experience with some of the following:
- Packet Capture (PCAP) analysis using Wireshark
- Familiarity with commercial or open source log or SIEM solutions
- Event analysis, correlation, reporting and alerting
- Reverse engineering malware and host-based analysis/detection
- Service discovery tools such as nmap and,
- Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
- Experience with system or network administration (Unix/Linux experience preferred)
- Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications
- Endpoint, Detection and Response (EDR) solution experience (FireEye, SentinelOne, Crowdstrike for example)
Knowledge & Skills:
- 4-7 years of overall I.T. experience
- Industry-recognized certifications related to cybersecurity or
- 2-year degree in computer technologies and industry-recognized certifications
- 4-year degree in Computer Science or equivalent
- Continuous growth progress within the Cybersecurity/Information technology field by accumulating certifications, degrees and/or CPEs
- Intermediate level log analysis and review skills
- Beginner experience with vulnerability scanning tools and reporting
- Intermediate Email phishing detection/analysis experience
- Experience working within ticketing systems
Who we are:
At Pondurance we embrace, educate, and protect people by helping make
our world a
better and safer
place. We believe in inviting good people into our company who are driven to become great!Every person at Pondurance is encouraged to focus and grow in their individual areas of interest, passion, and career path. We have accessible leaders as Mentors who believe “None of us are as smart as all of us” (R. Pelletier).We believe everyone has the freedom to be themselves, especially at work and so we embrace, support, and celebrate each other. Each one of us influences our company’s direction through speaking up,
you have a voice and we want you to use it.
Do you want to be a part of something different? Do you want to influence real change? Do you want to be part of the solution? Then join us in redefining the security and cyber risk landscape.
What We Offer:
The opportunity to apply your expertise, take on new challenges, and help customers address their biggest security objectives.An inclusive culture of teamwork that embraces the diversity of our people and communities in which we work. Some of the corporate benefits (there are more) for full-time employees include:
- Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan.
- Time off: PTO, sick, holiday, & parental leave details are available
- Money: We provide competitive compensation packages based on the market and your overall credentials.
You will likely be based out of one of our current locations: McLean, Virginia or Indianapolis, Indiana.To promote a healthy and safe work community we require background and drug screenings as part of our hiring process. Details of our process will be provided upon request.We are an equal opportunity employer focused on celebrating diversity and inclusion. We believe that each individual should be treated equally without regard to race, color, identity, national origin, protected veteran status, religion, sex including sexual orientation and gender identity, disability, or any other characteristic protected by law.