Our Client a Major Entertainment/Media firm located in Midtown Manhattan is seeking a Security Operations Analyst. This is a contract opportunity with no end date. This role is a hybrid opportunity, 4 days onsite. As a Security Analyst, you will play a crucial role in maintaining and enhancing our organization's cybersecurity posture. You will assist in the execution of various security initiatives and collaborate closely with cross-functional teams to implement effective security measures. A security analyst's primary duties will be to detect and respond to threats facing the Bank and continually improve our security posture.
Responsibilities
Monitor and respond to security incidents and alerts
Regularly audit and analyze user activity logs, privileged activities, file access, and email activity
Recognize and respond to anomalous patterns of user and entity behavior
Analyze anomalous traffic in cloud environments, validate threats, and determine remediation steps.
Analyze email attributes such as headers and implement appropriate countermeasures.
Analyze and assess security threats and vulnerabilities, recommending appropriate mitigating actions
Continuously monitor networks for security breaches and other anomalous activities
Maintain detailed records of security incidents, analyses, and mitigation actions taken
Generate and present detailed reports on security incidents, trends, and responses for senior management
Participate in process review, incident briefing, and incident response meetings
Work closely with other GT&O staff to enhance system security and develop robust defense mechanisms
Stay informed and updated with the latest security technologies, trends, and threat vectors to continuously improve the organization's security posture
Knowledge of common tactics, techniques, and procedures (TTPs) used by cyber adversaries
Qualifications
Bachelor's Degree required, with a preference for Cybersecurity
1+ years of experience in an IT Security Operations role
1+ year of experience with the Microsoft Defender Security Suite, including Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Endpoint, and Microsoft Defender for Cloud
Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and anti-virus software
Strong understanding of identity management and Active Directory and Azure Active Directory
Excellent analytical and problem-solving skills with the ability to think critically under pressure
At Least One Entry-level Cybersecurity Certification
CompTIA CySA+ or Security+
GIAC Security Essentials (GSEC)
Microsoft Certified Security Operations Analyst
Knowledge of the MITRE ATT&CK framework, and basic concepts of threat hunting
Proficiency with scripting languages
Experience with offensive security tools
Strong verbal, written, and interpersonal communication skills
Highly organized, motivated, dedicated and a team player
Availability to work during emergencies, and scheduled afterhours and weekends