Job Description :

Job Title:  Cybersecurity Analyst
Location: The Woodlands TX
Duration: Contract to Hire


Cybersecurity analysts preserve the integrity and confidentiality of the organization’s data and infrastructure by implementing measures to prevent security breaches. This position assesses potential system and network vulnerabilities through extensive diagnostic testing and review of incoming traffic. As part of this role, the analyst will conduct investigations, devise and deploy a variety of risk management strategies, prepare for and respond to attacks, and develop security measures for potential cybersecurity incidents. Cybersecurity analysts will educate users on protocols and best practices and ensure organizational compliance with internal and external security standards.


Duties, functions, and responsibilities of this position include:

·         Performs threat and vulnerability assessments and provides subject matter expertise on appropriate threat mitigation approaches

·         Supports cybersecurity initiatives through both predictive and reactive analysis

·         Identifies intrusion activity by leveraging alert data from multiple sensors and systems and determines priority for response

·         Monitors, evaluates, and assists with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases

·         Uses attack signatures and tactics, techniques and procedures (TTPs) to aid in threat detection and discovery

·         Conducts basic malware analysis of attacker tools and identifies indicators of compromise (IOCs)

·         Collaborates with other IT team members to develop and implement innovative strategies for monitoring and preventing attacks

·         Conducts research on emerging security threats

·         Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity

·         Manages the SOC mailbox, monitors and analyzes the emails for threats including phishing and malware, and escalates per procedures

·         Participates in the investigations of information security incidents and may prepare reports on intrusions as required

·         Maintains an understanding of current threats, vulnerabilities, and the response and mitigation strategies used to support cybersecurity operations

·         Logs and records all security incidents in the internal ticketing system

·         Collects malware artifacts safely for analysis and incident investigations

·         Examines suspicious emails for malicious content and provides recommendations on remediation actions

·         Performs URL/domain analysis to identify and report any malicious indicators associated with the resource and evaluates associated risks

·         Provides other services as a key member of the Cyber Division, including but not limited to:

·         Information security review and approval of changes to COH networks, servers, and end devices in collaboration with the Infrastructure Team

·         Security sensor policies for IDS/IPS, firewalls, web security gateways, and logging

·         Continuous control monitoring including baseline security configuration monitoring

·         Investigations and forensics

·         Knowledge of the Cyber Kill Chain and the Diamond Model of Intrusion Analysis

·         Knowledge of SIEM, IDS, anti-virus/anti-malware and firewall technologies

·         Other duties as assigned


Education and/or Experience:

·         2+ years of experience in the information security field required

·         Bachelor’s Degree in relevant field of study or equivalent combination of education and experience required

·         IT certifications: CISSP required

·         IT certifications: CEH, GICSP, Cisco CCENT/CCNA preferred

·         Knowledge of cybersecurity frameworks such as NIST CSF, CIS, and MITRE ATT&CK

·         Experience performing vulnerability scanning, penetration testing, and vulnerability management

·         Experience performing threat modeling and security reviews to assess new designs and security requirements for new technologies

·         Experience responding to security-related incidents, performing incident response, and conducting tabletop exercises

·         Experience with developing procedures and runbooks for a SOC

·         Experience analyzing system, application, security, and network logging data from a SIEM to create actionable work tasks for a SOC or other IT staff

·         Experience with Windows Server, enterprise anti-virus, endpoint security, application whitelisting technologies, SIEM, logging configurations, IDS/IPS, authentication methods, TCP/IP, packet capture and analysis, and Microsoft Azure cloud services

·         Ability to effectively communicate technical information to a non-technical audience

Desired Qualifications:

·         Knowledge of the oil and gas industry and ICS environments

·         Excellent project management, organizational, time management, and interpersonal skills

·         Ability to work with sensitive and confidential information while maintaining the highest level of confidentiality, professionalism, and ethics