Senior Cyber Security Ops Analyst and Remote
Senior Cyber Security Ops Analyst | Remote | Contract Senior Cyber Security Ops Analyst Applicants Need To Know
- 6+ Month Contract
- Work Status: USC, GC
- Sponsorship: No, Sponsorship provided.
- Office Type: Remote
- Hourly Rate: $75 to $85 W2 Only
- No Corp-to-Corp
Please note that only candidates who are authorized to work in the United States without sponsorship will be considered for this position. We seek a Senior Cyber Security Ops Analyst for our client. This is a contract position lasting 6+ months. The role is remote and requires availability in the Eastern or Central time zones. The Work
- Conduct investigations and respond to internal and external security threats.
- Oversee, respond to, and remediate DLP (data loss prevention) and SIEM events from on-premise and cloud systems.
- Implement advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.
- Manage, administer, and improve security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry-standard security technologies.
- Develop automation response scripts to remediate commodity threats.
- Perform threat hunting activities to identify compromised resources.
- Understand and perform threat analysis utilizing industry-standard frameworks (kill chain and diamond model).
- Perform threat research and intelligence gathering to improve detection and response capabilities.
- Propose and review security plans and policies to improve the security environment.
- Maintain operational playbooks, process diagrams, and documentation for security monitoring and response.
- Review proposed Security deployments to ensure security monitoring requirements are met.
- Provide off-hour support as needed for security monitoring and response activities.
- Work closely with MSSP services, external forensic providers, and in-house IT teams to respond to and remediate security incidents both internal and external.
- Review compromised systems to identify the root cause of security incidents.
Qualifications
- Minimum of 5 years of experience in security monitoring and incident response
- Strong knowledge of DLP (data loss prevention) and SIEM events
- Experience with advanced security monitoring techniques on SaaS, cloud systems, network, servers, and endpoints
- Proficiency in managing and administering security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry standard security technologies
- Ability to develop automation response scripts for commodity threats
- Familiarity with threat hunting activities to identify compromised resources
- Understanding of threat analysis utilizing industry standard frameworks (kill chain and diamond model)
- Experience in threat research and intelligence gathering to improve detection and response capabilities
- Knowledge of reviewing security plans and policies to enhance the security environment
- Strong documentation skills for operational playbooks, process diagrams, and security monitoring/response documentation
- Ability to review proposed Security deployments to ensure compliance with security monitoring requirements
- Willingness to provide off-hour support for security monitoring and response activities
Nice to Have
- Experience with cloud security technologies such as CASB, Cloud Access Security Brokers
- Knowledge of scripting languages such as Python or PowerShell
- Familiarity with industry compliance standards (e.g., PCI DSS, HIPAA, GDPR)
- Certifications in relevant areas such as CISSP, CISM, or CEH
- Experience working with incident response tools and processes