Security Analyst

Summary

Join Pondurance as a Security Analyst and be on the frontline of cybersecurity, mitigating client risks and containing threats. You will analyze intrusions, detect incidents, and assist in response efforts. This role requires experience with security tools and technologies, strong analytical skills, and the ability to work a 4x10 shift (Wednesday-Saturday), 11 pm - 9 am ET, including holidays. Pondurance offers a collaborative and inclusive work environment with competitive compensation and benefits, including medical, dental, vision, disability, life and AD&D insurance, 401(k), PTO, sick leave, holiday pay, and parental leave. Remote work is available, with preference given to candidates in McLean, VA or Indianapolis, IN.

Requirements

• MUST have a minimum of 1-2 years of experience with one or more of the following: Microsoft Defender, CrowdStrike, SentinelOne
• Demonstrated experience with several of the following: Packet Capture (PCAP) analysis using Wireshark
• Familiarity with commercial or open-source log or SIEM solutions
• Event analysis, correlation, reporting, and alerting
• Reverse engineering malware and host-based analysis/detection
• Service discovery tools such as nmap
• Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
• Experience with system or network administration (Unix/Linux experience preferred)
• Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications
• Effective in evaluating information for reliability, validity, and securing network communications
• Analytical Thinking: Break down the fundamental components of a problem or situation, examine the relationship between them, verify all pertinent facts and draw an appropriate conclusion
• Applied Technical Thinking: Able to apply specialized, theoretical knowledge to efficient operational uses
• Capacity for Synthesis: Able to bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective
• Flexibility: Operate efficiently in constantly evolving environments and, when confronted with unforeseen circumstances, readjust priorities to accommodate change
• Problem Solving: Able to identify problems, determine cause and effect, and propose solutions using new approaches or an innovative point of view
• Sense of Urgency: Be prone to react quickly to outside demands, get onto things right away and get things done fast

Responsibilities

• Analyze intrusions, detect incidents, and assist in response
• Seek out attacker presence on client’s networks and logs
• Identify attack vectors, threat tactics and attacker techniques
• Engage with clients to understand their security needs and wants
• Regularly assist with reviews and provide reports on observed threats
• Research new threats to enterprise environments
• Analyze IOCs and work with the team to develop countermeasures
• Collaborate with the team to resolve issues, tweak current processes, and revamp existing SOPs
• Shift work and holiday work are required as part of a 24/7/365 SOC

Benefits

• Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan
• PTO, sick, holiday, & parental leave details are available
• Competitive compensation packages based on the market and your overall credentials