Job Description:
Position: Security Analyst
Location: Indianapolis, IN
Duration: Long-term contract


JD:
Role Description: The Information Security Analyst is responsible for executing daily operational procedures for monitoring the SIEM Triage Channel and other intake areas for information security events and closing or escalating those events as necessary.

Primary Responsibilities:
- Maintain the group email address and distribution lists and update all relevant documentation such as shift logs and tickets.
- Monitor incoming detected events via the SIEM Triage Channel and other intake areas for potential Information Security Incidents (ISIs) using the SIEM Tool and other intake area channels per operational procedures.
- Monitor the Team email mailbox for activities related to Team ISI engagements.
- Monitor the SOC ticket (and email) queue for potential event reporting from outside entities and individual users.
- Rapidly identify, categorize and prioritize detected events as the initial information security event detection group for the enterprise using all available Detect and Respond log sources.
- Perform initial analysis and triage of potential ISIs and escalate or close detected events as applicable.
- Use available tools as defined in the Use Case Response Plans to analyze detected events; for example, use historical searches using SIEM queries or netflow analysis for available netflow collection devices.
- Maintain Team shift logs with relevant activity from the current shift.
- Document analysis results, ensuring relevant details are escalated for final event analysis.
- Reference and update the Team Knowledge Base as necessary for changes to processes and procedures, and for awareness of daily intelligence reports and previous shift logs.
- Provide rotational on-call availability for ISIs escalated outside of normal business working hours, as well as monitoring of critical incidents where needed.

Required Skills & Experience: 2+ years of Information Technology related experience.

Certifications such as: Security+, MCSE, CISSP, CISM, GCIH, GCIA, GCFA, GREM, CCNA, CCNP