Information Security Analyst
Dallas, TX, United States
Job Description
Position Summary
Flexjet is currently seeking a qualified candidate to join our IT department as an Information Security Analyst at our state-of-the-art facility in Cleveland, Ohio or Dallas, Texas.
As an Information Security Analyst, you will work as part of a team to help ensure the Confidentiality, Integrity, and Availability of our organization's systems, networks, and data. You will have a primary focus on Incident Response, Threat Hunting, and Threat Intelligence, investigating security events and utilizing forensics to identify root causes. You will ensure proper implementation and maintenance of threat intelligence processes, procedures, and integrations/automations to help defend against new and emerging threats.
Duties and Responsibilities
Serve as the primary escalation point for incidents raised by our SOC requiring deeper investigation and analysis
Recommend improvement and tuning opportunities with alerting
Implement components of a multi-layered defense to protect information system resources and data, both on-premise and in the cloud
Assist with gathering evidence of technical and administrative controls implementation for audits and reviews.
Provide recommendations to improve monitoring for on-premises and cloud resources to assist with the development of high quality alerts
Utilize EDR and other security tools to develop playbooks and increase automated response capabilities
Investigate, respond, report, and document security breaches
Consolidate data to develop accurate reports and metrics to help measure impact of implemented and improved security controls
Perform risk assessments on prospective IT vendors, hardware, software, services, and components.
Participate in the on-call rotation.
Must be able to work outside of normal, scheduled business hours as needed
Perform other tasks and duties as assigned
Education & Experience
Bachelor’s Degree in Computer Science preferred
Cyber Security certification (GCIH, GCFA, CySA+, CASP+)
1-3 years of experience in Information Security
1+ years of experience with either programming, networking, system administration, or DevOps
Experience performing firewall reviews - Palo Alto, Cisco, Checkpoint, pfSense.
Experience with SIEMs such as LogRhythm, Splunk, Azure Sentinel, AlienVault or Rapid7
Strong experience using Microsoft suite of E5 products such as Endpoint Manager (Intune), Security, Purview (Compliance), Entra, etc.
In-depth experience securing a hybrid infrastructure
Strong Cloud Experience with either AWS, Azure, or GCP.
Required Skills
Knowledge of MITRE ATT&CK and the Kill Chain
Knowledge of IOC extraction, computer forensics, and malware analysis technologies and methods
Expert IPv4 networking fundamentals are required: TCP/UDP, routing, VLANs, subnet masking, DNS, DHCP, common protocols and ports. IPv6 is a bonus.
Ability to identify and validate vulnerabilities
Ability to communicate security issues to peers and management
Solid understanding of Windows Server Technologies including Active Directory, File Permissions, Print Servers, Group Policies, Clustering
Strong verbal and written communication
Work well independently or with a team
Manages time well, working on simultaneous challenges without undue stress.
Flexibility and willingness to work in a changing, entrepreneurial environment.