Cybersecurity operations analyst tier-1

Posted: July 16, 2021, 1:53 a.m. - Full Time - Remote

Hellfire Security is a young and dynamic international company focusing solely on cybersecurity assessment services and managed security services. We are looking for Cybersecurity Operations Analysts who can help us protect customers and detect threats to their networks.

Responsibilities

  • Process incoming alerts and determine the outcome of the events involved using threat indicators
  • Monitor sensors and sensor health, and take corrective action when necessary
  • Configure and tune the threat detection system for new and existing customers
  • Make configuration changes to customer firewalls and intrusion prevention systems, and complete other maintenance tasks on these systems as requested
  • Identify, troubleshoot and resolve problems encountered by customers with various firewalls and intrusion prevention systems
  • Carry out security scanning of applications, systems, and/or infrastructure to discover security vulnerabilities
  • Compile vulnerability scan data using available scripts and prepare the task lists produced
  • Complete compliance reports that track each customer’s progress and distribute all deliverables to customers
  • Work with customers to create a plan to address discovered vulnerabilities
  • Track the progress of the customer’s information security program, ask customers for updates, provide recommendations, and update our records accordingly
  • Prepare weekly and monthly reports when necessary
  • Track tickets and update as necessary

Required Skills

  • Basic understanding of vulnerabilities, threats, and risks
  • Basic understanding of application-layer attacks
  • Basic understanding of network-layer information gathering techniques and attacks
  • Intermediate knowledge of networking and its technologies
  • Intermediate knowledge of Windows and Linux
  • Basic understanding of firewalls, proxies, WAF, IPS/IDS, and antivirus products
  • Familiar with standard security best practices
  • Experience with a ticket system and dealing with customer service and support
  • Experience with basic networking tools such as hping3, traceroute, ftp, telnet, and netcat
  • Experience with SSH and remote administration tasks

Preferred Skills

  • Experience with reviewing raw log files, data correlation, and analysis (i.e., firewall, network flow, IPS, system logs)
  • Experience with SIEM, Security Event Management, or other security-related monitoring systems
  • Understanding of IDS signatures used to identify and/or prevent malicious activity
  • Ability to decipher Snort signature syntax and regular expressions

Qualifications

  • Two to four years of hands-on experience in the detection, response, mitigation, and/or reporting of cyberthreats affecting networks
  • SANS GCIA certification (Not Required)
  • Other information security certifications are also recommended

We welcome all candidates with or without certification or degree. A brief skills assessment will, however, precede the initial interview, so be prepared.