Senior Cyber Security Ops Analyst | Remote

Senior Cyber Security Ops Analyst | Remote | Contract

Senior Cyber Security Ops Analyst

• 6+ Month Contract
• Work Status: USC, GC
• Sponsorship:
  No, Sponsorship provided.
• Office Type:
  Remote
• Hourly Rate: $75 to $85 W2 Only
• No Corp-to-Corp

Please note that only candidates who are authorized to work in the United States without sponsorship will be considered for this position.

We seek a Senior Cyber Security Ops Analyst for our client. This is a contract position lasting 6+ months. The role is remote and requires availability in the Eastern or Central time zones.

• Conduct investigations and respond to internal and external security threats.
• Oversee, respond to, and remediate DLP (data loss prevention) and SIEM events from on-premise and cloud systems.
• Implement advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.
• Manage, administer, and improve security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry-standard security technologies.
• Develop automation response scripts to remediate commodity threats.
• Perform threat hunting activities to identify compromised resources.
• Understand and perform threat analysis utilizing industry-standard frameworks (kill chain and diamond model).
• Perform threat research and intelligence gathering to improve detection and response capabilities.
• Propose and review security plans and policies to improve the security environment.
• Maintain operational playbooks, process diagrams, and documentation for security monitoring and response.
• Review proposed Security deployments to ensure security monitoring requirements are met.
• Provide off-hour support as needed for security monitoring and response activities.
• Work closely with MSSP services, external forensic providers, and in-house IT teams to respond to and remediate security incidents both internal and external.
• Review compromised systems to identify the root cause of security incidents.

• Minimum of 5 years of experience in security monitoring and incident response
• Strong knowledge of DLP (data loss prevention) and SIEM events
• Experience with advanced security monitoring techniques on SaaS, cloud systems, network, servers, and endpoints
• Proficiency in managing and administering security monitoring products for DLP, SIEM, EDR, AV, Cloud Security products, IDS, and other industry standard security technologies
• Ability to develop automation response scripts for commodity threats
• Familiarity with threat hunting activities to identify compromised resources
• Understanding of threat analysis utilizing industry standard frameworks (kill chain and diamond model)
• Experience in threat research and intelligence gathering to improve detection and response capabilities
• Knowledge of reviewing security plans and policies to enhance the security environment
• Strong documentation skills for operational playbooks, process diagrams, and security monitoring/response documentation
• Ability to review proposed Security deployments to ensure compliance with security monitoring requirements
• Willingness to provide off-hour support for security monitoring and response activities

• Experience with cloud security technologies such as CASB, Cloud Access Security Brokers
• Knowledge of scripting languages such as Python or Power Shell
• Familiarity with industry compliance standards (e.g., PCI DSS, HIPAA, GDPR)
• Certifications in relevant areas such as CISSP, CISM, or CEH
• Experience working with incident response tools and processes