Cyber Security Analyst (REMOTE)

DivIHN (pronounced Divine) is a nationally-recognized Business Technology Solutions and Staffing services provider headquartered in Chicago. Since our formation in 2002, we have been trusted by Fortune 500 organizations to help them locate and hire best-in-class talent through our Award-winning Professional Workforce Solutions program.

Check out our careers page to see all of our job openings: http://divihn.com/careers/find-a-job/

One of our BEST F500 customers has engaged us to help them hire a Cyber Security Analyst (REMOTE) to be available to work out of their office in N/A, N/A; details can be found below.

5 months 21 day(s)

Please apply or call one of us to learn more

For further inquiries regarding the following opportunity, please contact one of our Talent Specialists

Lavanya at 224 369 0873

Dipankar at 224 507 1264

Title: Cyber Security Analyst (REMOTE)

Duration: 6 Months (Contract to Hire)

Location: REMOTE

Time zone: Eastern, hours are 7a to 4p in order to overlap with EU team

Job Responsibilities

• Cyber Defense Operations activity including:
• Investigating and responding to DLP alerts.
• Investigating and responding to Insider Risk management alerts.
• Processing trainable classifiers.
• Metrics gathering and management.
• Help finalize the DLP/IP services.
• Help develop Threat-hunting and Intelligence services.
  
  

Projects

• Data Loss Prevention (DLP) deployment
• Insider Threat Program Development
• Threat Intelligence Program Development
• Technical Skills Required:
  
  

Technical Skills Required

The individual can conduct vulnerability scans and recognize vulnerabilities in security systems, ensuring the robustness and resilience of these systems. They can accurately and completely source all data used in intelligence, assessment, and planning products, ensuring the reliability and comprehensiveness of these products. They can apply cybersecurity and privacy principles to organizational requirements, ensuring the confidentiality, integrity, availability, authentication, and non-repudiation of the organization’s data and systems. It would be beneficial if they had some project management or development ability.

Familiarity with Microsoft Purview and Sentinel

A0015: Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.

A0066: Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.

A0123: Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Specialized Skills Required

T0020: Develop content for cyber defense tools.

T0088: Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.

T0155: Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

T0164: Perform cyber defense trend analysis and reporting.

T0166: Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

T0187: Plan and recommend modifications or adjustments based on exercise results or system environment.

T0198: Provide daily summary reports of network events and activity relevant to cyber defense practices.

T0258: Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

T0259: Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

T0292: Recommend computing environment vulnerability corrections.

T0293: Identify and analyze anomalies in network traffic using metadata (e.g., CENTAUR).

T0294: Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

T0332: Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.

T0469: Analyze and report organizational security posture trends.

T0475: Assess adequate access controls based on principles of least privilege and need-to-know.

T0503: Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.

T0526: Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.

T0545: Work with stakeholders to resolve computer security incidents and vulnerability compliance.

T0548: Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.

Interview Process

With the hiring manager

With Cyber Defense Associate

Educational Requirements

At least three years of work experience in Information Technology, Networking, or Information Security. Work experience with or certification with Microsoft Purview tooling.

About Us

DivIHN, the 'IT Asset Performance Services' organization, provides Professional Consulting, Custom Projects, and Professional Resource Augmentation services to clients in the Mid-West and beyond. The strategic characteristics of the organization are Standardization, Specialization, and Collaboration.

DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.