Security Operations Analyst Employee

Deltek

Employee

TELECOMMUTE – US National

1/15/21

Job Description

Security Operations Analyst

US Remote

6236BR

Position Responsibilities

Monitor SIEM and other event sources, assess, prioritize and escalate security alerts according to the IR Playbook

Analyze and investigate Cybersecurity events from security tools or reported incidents

Collect supporting information and/or relevant artifacts in support of IR activities

Continuously stay abreast of threats, vulnerabilities, tools, and countermeasures

Monitor the health and performance of security tools and devices, resolving issues as necessary

Advise Senior IR Analysts and Security Team members on incident status

Document standard operating procedures matching day-to-day operations

Assess and report exploitable vulnerabilities

Assist engineering groups in evaluating and deploying new solutions

Perform day-to-day analysis of logs to detect anomalies or events that could lead to incidents

Establish and maintain strong working relationship with team members and business unit stakeholders

Monitoring Deltek’s infrastructure and automate tasks to improve efficiency

Promote security awareness throughout the organization

Recommend process improvements to Deltek’s incident response procedures

Provide on-call Security Operations support based on assigned shift

Perform other duties as assigned

Qualifications

Education & Experience:

BA/BS in Computer Science, Information Technology, SANS training or equivalent experience

Two or more years of experience in Information Security

Two or more years direct experience monitoring a SIEM (i.e. Splunk, LogRhythm, QRadar)

Strong understanding of Operating Systems: Windows, Unix/Linux

Self-motivated while demonstrating a passion for Cybersecurity

Familiar with Cloud Security Alliance and SANS top 20 critical controls

Must have good communication and teamwork skills

Hands-on experience with Anti-Spam, Anti-Virus, AWS, Firewalls, IDS/IPS, NAC, WAF, and SIEM preferred

Certification such as: GCIH, GCFA, Security+ preferred

Technical Knowledge & Skills:

Practical experience with incident management including incident handling, malware cleanup, investigations

Understanding of: firewalls, IPS, SIEMs, Internet Protocols, including hands-on administration, log analysis and configuration

Ability to quickly prioritize and correlate multiple unstructured events and incidents

You have an ownership mentality ? you pick up and run with an incident to completion with minimal supervision

You have: Insatiable curiosity, perseverance, flexibility and are innovative

Well-developed communication, reporting, and presentation skills as Deltek is a highly collaborative environment

Amazing customer service skills, can-do attitude. You’ll play a role in securing Deltek and our customers

Ability to perform work after normal business hours

Company Summary

Better software means better projects. Deltek is the leading global provider of enterprise software and information solutions for project-based businesses. More than 30,000 organizations and millions of users in over 80 countries around the world rely on Deltek for superior levels of project intelligence, management and collaboration. Our industry-focused expertise powers project success by helping firms achieve performance that maximizes productivity and revenue. www.deltek.com

Computer & IT , Computer Security

US National