Job Description
Junior Cybersecurity Analyst
Personnel Qualifications
- At least two years of experience performing the functions associated with this labor category.
- Experience administering and maintaining the logic for a variety of intrusion detection, prevention, and analysis platforms that are designed to identify and/or technically counter attempted intrusions as part of a defense-in-depth program that protects both local (on-premises) and cloud computing systems. This includes authoring and implementing custom detection content for signature-based detection systems, security information and event management (SIEM) systems, host-based detection systems, and firewall logic.
- Experience monitoring real-time network activity flagged by a variety of intrusion detection, prevention, and analysis platforms and experience analyzing the resulting raw data, metadata, and event logs to confirm suspected intrusion attempts into either local (on-premises) or cloud computing systems.
- Experience investigating network anomalies and responding to cybersecurity incidents in either local (on-premises) or cloud computing systems, including all phases of the digital forensics and incident response process (e.g. preparation, scoping, containment, eradication, remediation, recovery, lessons learned, and closeout).
- Experience implementing and maintaining a fully operational data loss prevention capability that prevents the loss of data from local (on-premises) and/or cloud computing systems.
Capabilities
- Administer and maintain logic for a variety of intrusion detection, prevention, and analysis platforms.
- Author and implement custom detection content for signature-based detection systems, security information and event management (SIEM) systems, host-based detection systems, and firewall logic.
- Monitor real-time network activity flagged by a variety of intrusion detection, prevention, and analysis platforms and analyze raw data, metadata, and event logs to confirm suspected intrusion attempts into either local (on-premises) or cloud computing systems.
- Investigate network anomalies and respond to cybersecurity incidents in either local (on-premises) or cloud computing systems.
- Implement and maintain a fully operational data loss prevention capability that prevents the loss of data from local (on-premises) and/or cloud computing systems.
Certification
- CompTIA Security+
- GIAC Security Essentials Certification (GSEC)
- An equivalent certification