Cyber Security Intelligence Expert

Greater Denver Area
Sorry, this job was removed at 12:57 p.m. (MST) on Friday, November 10, 2017

POSITION SUMMARY

InteliSecure’s Cyber Security Intelligence Expert (CSIE) answers inbound phone calls, addresses client emails, and monitors the device health of network security devices such as DLP systems, SIEM systems, DLP consoles, and Email and Web Security Gateways. Additionally, this position performs security incident triage, escalation support, advanced analysis, incident management/processing, and intelligence reporting for security devices, programs, and use cases monitored by InteliSecure. Duties also include execution of Standard Changes as described in Operations Manuals and work instructions. All work is tracked via a ticket-based CRM system. Applicants must demonstrate exceptional attention to detail, possess analytical and troubleshooting skills, and be capable of maintaining high levels of client satisfaction.

Ensure all tasks performed adhere to the firm’s ISO 27001 Information Security Management System (ISMS).  This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that InteliSecure is constantly improving upon the organization’s ISMS.  Each member of our team must understand the importance of the ISMS and the subsequent handling of client data.

DUTIES & ESSENTIAL JOB FUNCTIONS:

  • Perform 24/7 SIEM and DLP monitoring, analysis, research, and reporting
  • Provide 2nd Tier of security intelligence feeds and initial investigation of security incidents
  • Provide communication and escalation to senior intelligence analysts for severe intelligence findings
  • Communicate directly with data asset owners and business response plan owners during high severity incidents
  • Hunt for indicators of compromise, using various toolsets, based on intelligence gathered
  • Take an active part in the gathering, analysis, and communication of threat intelligence through the intelligence process
  • Identify and track active Cyber campaigns against customers or industries serviced by InteliSecure
  • Perform additional monitoring as required for all solutions applicable to client programs, use cases, and solutions
  • Complete near real-time SIEM triage, event analysis, correlation, alerting, and response
  • Provide recommendations and action plans to SM&A Team Leaders within outlined operational workflows
  • Identify and communicate action plans for system enhancement or monitoring based on alarm, alert, and/or event data in health checks and solutions triage
  • Develop and maintain whitelists and blacklists
  • Escalate technical issues to on-call phone(s), Security Monitoring & Analysis Team(s), Security Platform Engineer or Security Platform Engineer Team Lead
  • Escalate notable incidents to on-call phone(s), Security Monitoring & Analysis Team(s), Security Platform Engineer or Security Platform Engineer Team Lead
  • Update customer documentation and perform other administrative tasks as assigned

OTHER FUNCTIONS AND RESPONSIBILITIES:

  • Other duties as assigned

QUALIFICATIONS:

  • 3-5 years leadership/management experience
  • Bachelor’s Degree or equivalent experience in a systems administration, networking, or technical field, such as computer science or engineering
  • 10+ years managing security technologies in service operations
  • Significant experience briefing and/or providing reports/summaries to executive level client resources
  • Significant exposure to a variety of operating systems, such as Windows Server, Windows desktop, and Linux/Unix
  • Advanced understanding of DLP, proxy, mail transfer, firewall operations, and other general security practices
  • Advanced understanding of computer network fundamentals including address resolution protocol, routing, network address translation, virtual private networks, and the OSI model
  • Identifying potential problems from system logs
  • Excellent written and verbal communication skills
  • Time management and organizational skills
  • Ability to work autonomously without constant direction or supervision
  • Strong Analytical and Problem Solving Skills
  • Knowledge of security intelligence threats and threat actors
  • Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to event
  • Knowledge of LogRhythm SIEM
  • Knowledge of McAfee ESM
  • Knowledge of IBM QRadar
  • Knowledge of packet capture and analysis
  • Knowledge of Advanced Threat Detection technologies
  • Experience with log management or security information management tools 
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat) 
  • Ability to make information security risk determinations based on threat intelligence analysis
  • Effective verbal and written communication skills

HIGHLY PREFERRED:

  • CISSP
  • CEH

Location

5613 DTC Parkway, Suite 1250, Greenwood Village, CO 80111
