Principal Cyber Security Analyst
Senior Perimeter Security Engineer (Principal Cybersecurity Analyst)
The job involves performing functions related to Network and Perimeter specialized Security Engineers including Email Security, DNS, DDoS, IDS/IPS and cloud security. Looking for an energetic, hard charging individual able to keep up in an exciting and fast-moving security operations team that is engaged in several high-profile security projects to enhance our security posture. The candidate will be immersed in a quick changing environment in a very rapid changing threat landscape, working with numerous security professionals. The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.
The Expertise and Skills You Bring
- Strong experience in Email Security, Email and Web Advance Threat Protection, DNS, DDoS, IDS/IPS and cloud security. Analyzing email, DNS and DDoS attack patterns to improve protections. Monitoring for baseline deviations for detecting external threat attacks and automate to proactively mitigate.
- Expert in DMARC and outbound email enforcement.
- Advance experience on Splunk or other SIEM (Security information and event management) Monitoring. Log Analysis Expertise - Email logs, IDS/IPS, NetFlow and Packet Analysis
- Perimeter and cloud security Expert with an outstanding understanding of the latest practices and trends in edge security.
- Reviewing policy enforcement change requests; interviewing submitters who have requested security configuration changes and require additional requirements gathering.
- Knowledge of Agile, DevSecOps, Open Source and a programming language is of substantial advantage
- 7 to 9 years of security experience desired, preferably in a matrix-driven corporate environment.
- Demonstrable experience troubleshooting and simulating Email traffic analysis
- Strong understanding of core networking concepts (e.g. – Email, TCP/IP, DNS, HTTP, proxy, load-balancing, etc.).
- Functional experience with Splunk, SIEM, or other log aggregation & analysis technologies.
- Experience with cloud solutions such as AWS or other IaaS/PaaS/SaaS environments.
- Ability to interact with both technical and non-technical staff, including management and executives, with experience articulating technical material in business terms.
- Functional understanding of network controls and policies to stop cyber threats.
- Familiarity with external facing security controls that can stop external attacks that may occur
- Familiarity with criminal activities and the attacks that may occur in each layer of the OSI model.
- Ability to make information security risk determinations based on intelligence analysis.
- Understanding cyber threats, malicious cyber threat actor motivations, and capabilities relevant to regions of interest.
Rotational shifts between 8 am to 11 pm (sometimes including weekend)
Education and Certification
- Positive personality and can-do attitude; you also have good communication skills with an excellent command of the English language.
- Open-minded, empathic and a team-mate with a partnering approach and an enthusiastic and motivated personality, with demonstrated experience in solving complex challenges
- Intellectually curious and therefore remain abreast of new technologies and developments relating to technical products that might be used enterprise wide and software delivery methodologies
- Proficient in balancing business partner views and interests
- Team player with excellent interpersonal & communication skills (written and verbal)
- Senior technical and non-technical Stake holder management
- Bachelor's degree in computer science or in lieu of:
- Industry certifications in cyber security incident management, such as, Certified Information Systems Security Professional (CISSP), GIAC and other related credentials.