Security Analyst II
Indianapolis, IN, United States
Security Analyst II
REMOTE
4x10 Schedule: Saturday (pm) - Wednesday (am)
Shift: 11:00pm - 9:00am Eastern Time
About the Role:
As a Security Analyst II, you will be responsible for supporting the 24/7/365 Security Operations Center (SOC). You will serve as the escalation point for the Security Analysts (Tier 1) and provide backup, when required, answering incoming calls, and internal and external emails.
Your priority is to monitor, detect and respond to customer alerts received by various log and network sources within the Endpoint, Detection and Response (EDR) solutions. You will also be reviewing vulnerability reports and assessments.
Responsibilities:
Review internal tickets and assign according to designed workflows
Analyze intrusions, detect incidents, and assist in response
Seek out attacker presence on client's networks and logs with advanced threat hunting
Identify attack vectors, threat tactics and attacker techniques
Proactively engage with clients to understand their security needs and wants
Regularly assist with reviews and provide reports on observed threats
Research new threats to enterprise environments
Assist Senior Security Analysts as directed by leadership to participate in hunt activities and intelligence actions
Work with the team to resolve issues, tweak current processes, and develop/improve existing work instructions
Analyze Indicator of Compromises (IOCs) and work with the team to develop countermeasures
Technologies: Demonstrated experience with some of the following: Packet Capture (PCAP) analysis using Wireshark
Familiarity with commercial or open source log or SIEM solutions
Event analysis, correlation, reporting and alerting
Reverse engineering malware and host-based analysis/detection
Service discovery tools such as nmap and,
Vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys
Experience with system or network administration (Unix/Linux experience preferred)
Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, and IDS/IPS tools and applications
Endpoint, Detection and Response (EDR) solution experience (FireEye, SentinelOne, Crowdstrike for example)
Knowledge & Skills: 4-7 years of overall I.T. experience
Industry-recognized certifications related to cybersecurity or 2-year degree in computer technologies and industry-recognized certifications
4-year degree in Computer Science or equivalent
Continuous growth progress within the Cybersecurity/Information technology field by accumulating certifications, degrees and/or CPEs
Intermediate level log analysis and review skills
Beginner experience with vulnerability scanning tools and reporting
Intermediate Email phishing detection/analysis experience
Experience working within ticketing systems
Who we are:
At Pondurance we embrace, educate, and protect people by helping make our world a better and safer place. We believe in inviting good people into our company who are driven to become great!
Every person at Pondurance is encouraged to focus and grow in their individual areas of interest, passion, and career path. We have accessible leaders as Mentors who believe "None of us are as smart as all of us" (R. Pelletier).
We believe everyone has the freedom to be themselves, especially at work and so we embrace, support, and celebrate each other. Each one of us influences our company's direction through speaking up, you have a voice and we want you to use it.
Do you want to be a part of something different? Do you want to influence real change? Do you want to be part of the solution? Then join us in redefining the security and cyber risk landscape.
What We Offer:
The opportunity to apply your expertise, take on new challenges, and help customers address their biggest security objectives.
An inclusive culture of teamwork that embraces the diversity of our people and communities in which we work.
Some of the corporate benefits (there are more) for full-time employees include: Medical, dental, vision, disability, FSA, HSA, life and AD&D insurance, 401(k) Plan.
Time off: PTO, sick, holiday, & parental leave details are available
Money: We provide competitive compensation packages based on the market and your overall credentials.
Although this is a remote role, if you live close by, you'll have access to our office locations: McLean, VA or Indianapolis, IN.
To promote a healthy and safe work community we require background and drug screenings as part of our hiring process. Details of our process will be provided upon request.
We are an equal opportunity employer focused on celebrating diversity and inclusion. We believe that each individual should be treated equally without regard to race, color, identity, national origin, protected veteran status, religion, sex including sexual orientation and gender identity, disability, or any other characteristic protected by law.