Company:
Ampcus Incorporated
Location: New Hyde Park
Closing Date: 23/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description
Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.
Job Title: Senior Security Operations Analyst
Location(s): New Hyde Park, NY
Description: Purpose the Sr. Security Operations Analyst is responsible for security monitoring and incident response for internal and external threats. The Sr. Security Operations Analyst performs advanced threat analysis, collaborates with internal IT teams and MSSP for security monitoring response, improves correlation and monitoring of security events, and leads security monitoring projects.
Key Responsibilities:
Security Monitoring:
Conducts investigations and responds to internal and external security threats.
Oversees, responds to, and remediates DLP (data loss prevention) and SIEM events from on premise and cloud systems.
Implements advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.
Manages, administrates, and improves security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS and other industry standard security technologies.
Develops automation response scripts to remediate commodity threats.
Performs threat hunting activities to identify compromised resources.
Understands and performs threat analysis utilizing industry standard frameworks (kill chain and diamond model).
Performs threat research and intelligence gathering to improve detection and response capabilities.
Proposes and helps review security plans and policies to improve the security environment.
Maintains operational playbooks, process diagrams and documentation for security monitoring and response.
Reviews proposed Security deployments to ensure security monitoring requirements are met.
Other duties may be assigned as needed to address new security threats facing the enterprise environment.
Provides off hour support as needed for security monitoring and response activities.
Incident Response:
Works closely with MSSP services, external forensic providers, and in house IT teams to respond to and remediate security incidents both internal and external.
Reviews compromised systems to identify root cause of security incidents and remediation actions that need to be taken.
Researches new TTPs (tactics, techniques, and procedures) that threat actors are utilizing to undermine enterprise IT environments.
Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable swift remediation.
Plans, implements, and documents incident handling and response tasks and procedures.
Emerging Threats Monitoring: Obtains information and stays up-to-date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected.
Service Desk and Incident Management: Assists in the investigation and resolution of security issues.
Security Monitoring:
Work with internal IT teams and external MSSPs for security monitoring of IDS, SIEM, DLP, AV, and Endpoint Security technologies.
Performs security event correlation, triage, and analysis.
Applies Security Threat Intelligence to respond appropriately to security events.
Recognize when a network/system has been compromised from and internal or external threat actor.
Works on projects to improve security monitoring and response capabilities.
Strong understanding of defense-in-depth security best practices.
Strong security engineering and architecture background to best understand how to employ the most effective and efficient security monitoring.
Demonstrate effective communication of security issues to management and others.
Maintain the security monitoring operational guidelines and standards for security.
Incident Response:
Performs incident response and forensic activities for internal and external threats.
Works with internal IT teams, MSSPs, and external Page 3 of 4 forensic services to respond to incidents.
Ensure that all identified breaches in security are promptly and thoroughly investigated/remediated.
Ensure that security incidents are documented accurately and complete.
Competency:
Focus on Customers Promoting and living customer service as a value.
Ensuring that the (internal or external) customer’s needs are a driving force behind priorities, decisions, processes, and activities.
Drive Results Setting high standards of performance for self and others; assuming responsibility and sense of urgency for successfully completing assignments or tasks; self-imposing standards of excellence rather than having standards imposed.
Develop Self and/or Others Planning and supporting the development of knowledge, skills, and abilities to fulfil current or future job responsibilities more effectively.
Champion Change Actively engaging and supporting change and innovation by communicating the future-state, trying new approaches, and collaborating with others to make the change successful.
Value Others Gaining other people’s trust by “doing the right thing,” demonstrating openness and honesty, behaving consistently, supporting an inclusive work environment and acting in accordance with legal, moral, ethical, professional, and organizational guidelines in support of our Values.
Build Relationships Building, leveraging and maintaining relationships within and across work groups.
Essential:
Bachelor’s degree in Computer Science degree or related field or equivalent combination of industry related professional experience and education.
Working experience with Information Security, Network Security, and Security Monitoring and Incident Response.
Working experience with industry standard security technologies and services Firewalls, VPN, IDS, Endpoint Security, DLP, AV, Proxy, SIEM.
Strong experience with SIEM event/log analysis and Desirable.
GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
Network / System Administration experience / background.
Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, age, protected veterans or individuals with disabilities.
Job Title: Senior Security Operations Analyst
Location(s): New Hyde Park, NY
Description: Purpose the Sr. Security Operations Analyst is responsible for security monitoring and incident response for internal and external threats. The Sr. Security Operations Analyst performs advanced threat analysis, collaborates with internal IT teams and MSSP for security monitoring response, improves correlation and monitoring of security events, and leads security monitoring projects.
Key Responsibilities:
Security Monitoring:
Conducts investigations and responds to internal and external security threats.
Oversees, responds to, and remediates DLP (data loss prevention) and SIEM events from on premise and cloud systems.
Implements advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.
Manages, administrates, and improves security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS and other industry standard security technologies.
Develops automation response scripts to remediate commodity threats.
Performs threat hunting activities to identify compromised resources.
Understands and performs threat analysis utilizing industry standard frameworks (kill chain and diamond model).
Performs threat research and intelligence gathering to improve detection and response capabilities.
Proposes and helps review security plans and policies to improve the security environment.
Maintains operational playbooks, process diagrams and documentation for security monitoring and response.
Reviews proposed Security deployments to ensure security monitoring requirements are met.
Other duties may be assigned as needed to address new security threats facing the enterprise environment.
Provides off hour support as needed for security monitoring and response activities.
Incident Response:
Works closely with MSSP services, external forensic providers, and in house IT teams to respond to and remediate security incidents both internal and external.
Reviews compromised systems to identify root cause of security incidents and remediation actions that need to be taken.
Researches new TTPs (tactics, techniques, and procedures) that threat actors are utilizing to undermine enterprise IT environments.
Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable swift remediation.
Plans, implements, and documents incident handling and response tasks and procedures.
Emerging Threats Monitoring: Obtains information and stays up-to-date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected.
Service Desk and Incident Management: Assists in the investigation and resolution of security issues.
Security Monitoring:
Work with internal IT teams and external MSSPs for security monitoring of IDS, SIEM, DLP, AV, and Endpoint Security technologies.
Performs security event correlation, triage, and analysis.
Applies Security Threat Intelligence to respond appropriately to security events.
Recognize when a network/system has been compromised from and internal or external threat actor.
Works on projects to improve security monitoring and response capabilities.
Strong understanding of defense-in-depth security best practices.
Strong security engineering and architecture background to best understand how to employ the most effective and efficient security monitoring.
Demonstrate effective communication of security issues to management and others.
Maintain the security monitoring operational guidelines and standards for security.
Incident Response:
Performs incident response and forensic activities for internal and external threats.
Works with internal IT teams, MSSPs, and external Page 3 of 4 forensic services to respond to incidents.
Ensure that all identified breaches in security are promptly and thoroughly investigated/remediated.
Ensure that security incidents are documented accurately and complete.
Competency:
Focus on Customers Promoting and living customer service as a value.
Ensuring that the (internal or external) customer’s needs are a driving force behind priorities, decisions, processes, and activities.
Drive Results Setting high standards of performance for self and others; assuming responsibility and sense of urgency for successfully completing assignments or tasks; self-imposing standards of excellence rather than having standards imposed.
Develop Self and/or Others Planning and supporting the development of knowledge, skills, and abilities to fulfil current or future job responsibilities more effectively.
Champion Change Actively engaging and supporting change and innovation by communicating the future-state, trying new approaches, and collaborating with others to make the change successful.
Value Others Gaining other people’s trust by “doing the right thing,” demonstrating openness and honesty, behaving consistently, supporting an inclusive work environment and acting in accordance with legal, moral, ethical, professional, and organizational guidelines in support of our Values.
Build Relationships Building, leveraging and maintaining relationships within and across work groups.
Essential:
Bachelor’s degree in Computer Science degree or related field or equivalent combination of industry related professional experience and education.
Working experience with Information Security, Network Security, and Security Monitoring and Incident Response.
Working experience with industry standard security technologies and services Firewalls, VPN, IDS, Endpoint Security, DLP, AV, Proxy, SIEM.
Strong experience with SIEM event/log analysis and Desirable.
GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s).
Network / System Administration experience / background.
Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, age, protected veterans or individuals with disabilities.
Share this job
Useful Links