Associate Threat Analyst
- Overland Park, KS
At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.
In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.
Job Description
ASSOCIATE THREAT ANALYST
The Associate Threat Analyst provides security monitoring, event analysis, notification and escalation on behalf of clients to reduce the impact of security incidents and system compromises.
PRIMARY DUTIES AND RESPONSIBILITIES
1. Screen security events from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data sources for false positives. Notify client of true positives and escalate event to Level II Analyst for investigation.
2. Use strong TCP/IP networking skills to perform network troubleshooting to isolate and diagnose common network problems.
3. Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
4. Respond in a timely manner (within documented SLA) to support, threat and other cases.
5. Document actions in cases to effectively communicate information internally and to customers.
6. Adhere to policies, procedures, and security practices.
7. Resolve problems independently and understand escalation procedure. Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.
8. Report common and repeat problems (trend analysis) to management and propose process and technical improvements.
9. Perform other duties as assigned.
The Associate Threat Analyst has no direct reports.
Education and Experience
• Associate’s Degree or equivalent from two-year College or technical school in Information Technology, Information Security/Assurance, Engineering or related field of study; at least 2 years of related experience and/or training; or equivalent combination of education and experience required.
• Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or related field of study; or at least four years of related experience and/or training; or equivalent combination of education and experience preferred.
• Minimum 1 year of general IT experience required.
• Minimum 1 year of experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity preferred.
• Security+, CISSP, GCIH, GCIA, GPEN, CEH and/or other industry certifications preferred.
• Excellent written and verbal communication skills required. Must be able to communicate technical details in a clear, understandable manner.
• Customer-oriented focus required, with a strong interest in a satisfied client.
• Solid understanding of Information Security and Networking required.
• The ability to pick up new technology or concepts very quickly required.
• Outstanding time management and organizational skills required.
• Ability to fully utilize MS Office products required.
• This position requires shift work in a 24/7/365 environment. The capacity to work evening, overnight, and weekend hours is required.
• Self-starter, with a strong interest in technology and a desire to learn and grow in the Network Security field preferred.
• LogRhythm, QRadar, McAfee ESM (Nitro), and/or ArcSight SIEM experience preferred.
• Security and/or Networking familiarity or understanding preferred in any of the following:
- Basic routing principles and networking fundamentals
- Well-known protocols and services (FTP, HTTP, SSH, SMB, LDAP)
- Command line interfaces
- Packet Analysis Tools (TCPDUMP, Wireshark, Ngrep)
All your information will be kept confidential according to EEO guidelines.