Senior Security Analyst

TITLE : Senior Security Analyst Location : Purchase, NY; Florham Park, NJ; Conshohocken, PA; NYC, NY; Charlotte, NC Hybrid Tuesday, Wednesday & Thursday Work from office and Monday and Friday Remote Duration : 6 Months + Possible extension ROLE LOCATION(S) ROLE SUMMARY This position is responsible for the analysis and containment of security incidents in our network using a range of tools: EDR, logs, netflow, and other data sources. The analyst collaborates with other IT teams to complete the eradication of threats during the Incident Response process. This role serves as a point of escalation and review for complex and high-severity cases referred from the 24x7 SOC and other analysts. This role uses the insights gained through those other activities to tune existing detections and develop new threat identification techniques tailored to our environment. ROLE RESPONSIBILITIES Analyze security incidents. Research and resolve or engage subject matter experts Collaborate with other IT teams to eradicate threats and to optimize our systems for prevention Develop new threat detection techniques using the log and reference data available in our SIEM Support other IT teams in the tuning and integration of security tools Collect forensic data for in-house investigations TECHNICAL QUALIFICATIONS Familiarity with SIEM (preferably Splunk), EDR (preferably CrowdStrike) and other analytical tools Familiarity with incident response protocols and tools (RTR, KAPE, etc.) Strong understanding of Windows and Active Directory permissions, common exploits, and log data Familiarity with Linux permissions, common exploits, and log data Strong understanding of SMTP, HTTP, and TCP/IP traffic management and analysis Working knowledge of common diagnostic tools like nmap, procmon, bind, etc. Knowledge of fundamental security technologies such as firewalls, anti-malware agents, security logging/tracing, encryption and signatures, PKI Proficiency with Excel, pivot tables, PowerQuery, and other ad hoc analytical tools Familiarity with scripting in Powershell and/or Python, desired GENERAL QUALIFICATIONS Minimum five years of experience in information security. Previous experience supporting computer networks, operating systems, software, and hardware Self-reliance and independent investigation, make optimal use of existing data in problem analysis Strong process awareness adhere to existing procedures during incident handling and participate in after-action reports to improve those procedures Analytical and problem-solving skills to independently assess risks, threats, patterns, and trends from raw data. Understand opportunities to increase insights through data enrichment. Strong interpersonal skills, ability to work with non-security colleagues on both procedural and technical matters Strong writing skills to describe complex technical problems with structure and clarity Organize information to convey timing, cause, effect, and desired outcome Document complex SOPs in a form that can be followed during incident response EDUCATION REQUIREMENTS B.S. in Computer Science or Software Engineering