What you’ll be doing...
The Principal Security Analyst will be a Splunk SME in order to analyze the most complex threats and act as an escalation point for other security analysts. The position involves managing Splunk implementations for managed security services customers, as well as use case creation, dashboards, tuning, and log source configuration. As a Principal Security Analyst you will:
- Support data collection and analysis of sources such as network and security devices, including firewalls, VPN concentrators, routers, data encryption, and IDS/IPS to ensure proper logging and analytical reporting.
- Conduct threat analysis on the network and system to find exploitable weaknesses and to support vulnerability remediation and protection implementation.
- Support escalated security issues through the use of software that detects intrusions and anomalous system behavior.
- Lead incident response, including steps to minimize the impact and follow-on technical and forensic investigation to discover origin of breach and the extent of the damage.
- Be responsible for advanced security event detection and threat analysis for complex and/or escalated security events.
- Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions.
- Validate log sources and indexed data, search through indexed data to optimize search criteria.
- Add Customer Context, eliminate “noise” and false positives, and develop trends and data models.
- Distill Customer intelligence feeds; use cases, trends and data models.
- Create custom alert schema, reports and custom dashboards.
- Conduct security training of junior operational staff, to include information security standards, policies and best practices.
What we’re looking for...
You'll need to have:
- Bachelor's degree or four or more years of work experience with Splunk
- Six or more years of experience investigating network threats with analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs.
- Current government-issued clearance at the Secret level, or eligibility to obtain one
Even Better if You Also Have:
- TCP/IP networking skills to perform packet and log analysis
- Experience searching through the packets and performing analysis on not just detected traffic, but on traffic that didn't trigger alerts on monitoring tools as well, looking for patterns and call-outs, and providing input to the customers based on the research we've performed and escalating advanced findings
- Strong understanding of attacks, malware, and other threat vectors
- Strong grep/regex skills
- Experience as a motivated and customer-focused SIEM engineer who can work as a subject matter expert. Requires expert level understanding of SIEM platforms
- Strong understanding of Splunk Use Case creation, Dashboards and Tuning
- Strong Splunk Enterprise Security (ES) experience to include Index Design, Infrastructure, Data Collection, Deployment Management, Data Enrichment, Querying, Integration and Operations
- Security Analysis experience to include incident classification, investigation and remediation
- Strong Linux shell, Perl, Python scripting and CLI skills
- SANS or other Security industry certifications such as GIAC, GSEC, GCIA, GCIH, GREM, GPEN or OSCP are a plus
- SIEM Security Operations Management experience
- Hands-on experience in network and security device management with troubleshooting on the third-party vendor products such as Cisco, Juniper, Fortinet, Palo Alto, FireEye, etc. Prior exposure to a subset of 2 or 3 of these vendors suffices
- Computer Science or technical, quantitative Bachelor’s Degree preferred
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Click here for more info: http://www.verizon.com/about/work/jobs/2436136-principal-security-analyst