Previous Job
Senior Security Analyst
Ref No.: 18-15603
Location: New York, New York
Job Description

The Senior Security Analyst will act as a lead for the Information Security Team. This role requires a strong technical background and familiarity of traditional and emerging security technologies and practices. The activities of this role will be split between day-to-day operations activities and providing guidance to agency stakeholders or new and existing infrastructure related projects. The candidate must be able to work independently with minimal supervision, interact effectively with IT, Security, and Business leaders.

Key Responsibilities:

• Align with and support the execution of the Information Security Program vision and strategy.
• Provide assistance in the implementation, maintenance, and monitoring of the information security program into in-scope operational areas (gap analysis, risk assessment, third party assessments, procedure/specification development, execution of recurring procedures, incident response).
• Identify, analyze and communicate security vulnerabilities.
• Serve as an information security subject matter expert and trusted advisor.
• Understand current as well as emerging security threats and assist in the design of application architecture to mitigate threats where possible.
• Stay abreast of new security technologies and assist in the integration of new technology into architecture design when appropriate.
• As a contributor, take ownership for assigned areas of responsibility and effectively manage workloads to meet team deadlines.
• Clearly and concisely communicate in both written form and verbally to leadership and Management.
• Review security features of newly implemented systems, ensuring they meet existing security requirements and policies. Review proposed changes to existing policy as conditions warrant.
• On a day to day basis, the candidate will review reports to identity threats. Reports may be generated from tools such as Net Profiler, Imperva, Fire Eye and FirePower.

Preferred Skills
• Subject Matter Expert (SME) in the Cybersecurity field.
• Strong background experience in Information Technology with Windows, Linux, and Unix platforms.
• Strong background experience as a Level 2 (or above) Cyber Security Incident Response Analyst
performing incident handling, forensics, sensor alert tracking and cybersecurity incident case management.
• Expert level experience working with security technologies such as IDS/IPS, Firewalls, SIEM, Network
Packet Analyzers, Antivirus, Network Behavior Analysis tools, Malware analysis, Firewalls, DLP, endpoint
protection, log collection and analysis.
• Experience using and configuring tools such as Net Profiler, Imperva, Fire Eye and FirePower.
• Strong working knowledge of network protocols, ports and common services such as TCP/IP protocols and
application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, etc.).
• Hands on experience with scripting languages such as Python, Perl, Bash, and Powershell.
• Knowledge of privilege escalation, persistence and lateral movement techniques
• Identify and be able to react to network attacks, viruses, mal ware, SPAM, phishing and other intrusions.
• Ability to conduct system security vulnerability and threat analyses, gathering of intelligence, risk
assessments, mitigation planning and implementation.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output.
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced
persistent threats.
• Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks,
control standards, secure coding principles, and security technologies.
• Effective interpersonal skills and the ability to thrive in a team environment.
• Ability to develop creative and innovative solution to complex business issues.
• Ability to balance various projects simultaneously.