Cybersecurity Analyst

<p class="p1">We believe in having a personalized strategy for all things. That&rsquo;s why every cybersecurity stack is custom-built, it&rsquo;s why we form long-term partnerships with our clients, and it&rsquo;s why we highlight our team at every opportunity. For this to succeed, we need top tech talent who are motivated, inspired, and hard-working to build careers at DOT.</p> <p class="p1">Ready to change the face of cybersecurity? See what makes DOT different and apply today!</p>

Lake Forest, IL

DOT Security

<p class="p1">People. Approach. Technology. Those are the three layers of DOT Security&rsquo;s process. Our approach and our tech are critical, but having the right people always comes first.</p> <p class="p1">DOT first came from the Managed IT division of Impact Networking. As a more than 20-year-old business, Impact knows how to provide ongoing education and support for employees, qualities we&rsquo;ve carried over to DOT Security. But as a new company, we&rsquo;re also hungry to expand and improve, creating opportunities for anyone with drive and a vision.</p> <p class="p1">Ready to change the face of cybersecurity? See what makes DOT different and apply today!</p> https://dotsecurity.com/

keywords: managed security,defensive cybersecurity,career,defense,analysis,documentation,escalation,network,security,education,certification

Individual Contributor

Overview: <p>DOT Security&rsquo;s mission is to improve the security posture of client organizations by providing detection, response, risk management, and compliance services as identified and required. DOT Security implements processes, technology, and subject matter expert personnel to monitor and respond to client needs in the cybersecurity and compliance space. Working with client organizations, DOT Security continuously measures and improves its internal processes and technology, which translates into improved services for the client.</p> <p>DOT Security is seeking team members to fill the role of Cybersecurity Analyst (CSA) at different levels. Candidates join at the level matching the knowledge and skills they demonstrate during the technical testing and interview process. DOT Security has developed a career progression path that challenges our team to grow as cybersecurity professionals with solid cybersecurity knowledge and to provide excellent customer service with ongoing detection and response capabilities as members of DOT Security&rsquo;s Security Operations Center (SOC).</p> <p>As a CSA, you will use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events within client environments, identify threats, and escalate tickets to clients so the threats can be mitigated. See the tasks below for a fuller picture of the work.</p> <p>The role of the Cybersecurity Analyst is challenging and rewarding. It requires business acumen, effective communication, and the ability to conduct thorough analysis and investigation of security data through the application of critical thinking and technical skills.</p>
Responsibilities: <p><strong>Associate CSA</strong></p> <ul> <li>Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.</li> <li>Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activity.</li> <li>Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.</li> <li>Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.</li> <li>Identify the applications and operating systems of a network device based on its network traffic.</li> <li>Identify network mapping and operating system (OS) fingerprinting activities.</li> <li>Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.</li> <li>Work with stakeholders to resolve computer security incidents and vulnerability compliance issues.</li> <li>Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.</li> <li>Coordinate with enterprise-wide cyber defense staff to validate network alerts.</li> <li>Document and escalate incidents (including the event&rsquo;s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.</li> </ul> <p><strong>Core CSA (In addition to the above tasks)</strong></p> <ul> <li>Analyze identified malicious activity to determine the weaknesses exploited, the exploitation methods, and the effects on systems and information.</li> <li>Determine tactics, techniques, and procedures (TTPs) for intrusion sets.</li> <li>Identify and analyze anomalies in network traffic using metadata.</li> 
<li>Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).</li> <li>Assist in the construction of signatures that can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.</li> <li>Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.</li> <li>Perform cyber defense trend analysis and reporting.</li> <li>Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.</li> </ul> <p><strong>Senior CSA (In addition to the above tasks)</strong></p> <ul> <li>Perform security reviews and identify gaps in the security architecture, resulting in recommendations for inclusion in the risk mitigation strategy.</li> <li>Plan and recommend modifications or adjustments based on exercise results or the system environment.</li> <li>Provide daily summary reports of network events and activity relevant to cyber defense practices.</li> <li>Examine network topologies to understand data flows through the network.</li> <li>Recommend computing environment vulnerability corrections.</li> <li>Reconstruct a malicious attack or activity based on network traffic.</li> <li>Analyze and report organizational security posture trends.</li> <li>Analyze and report system security posture trends.</li> <li>Assess the adequacy of access controls based on the principles of least privilege and need-to-know.</li> <li>Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, SecurityFocus) to maintain currency of the cyber defense threat condition and determine which security issues may have an impact on the enterprise.</li> <li>Assess and monitor cybersecurity related to system implementation and testing practices.</li> <li>Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.</li> <li>Isolate and remove malware.</li> </ul>
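Two of the Associate-level tasks above, identifying network mapping and OS fingerprinting activity and characterizing traffic to spot anomalies, come down to counting things per source over a short time window and watching for TCP flag combinations that real stacks never send. The following is an added example written for this page, not DOT Security's tooling; it assumes a simplified connection-log format (ts,src,dst,dport,proto,flags) and runs over constructed records, flagging a vertical port scan, a horizontal host sweep on one port, and NULL/FIN/Xmas probes of the kind scanners use to fingerprint a target.

```python
"""Port-scan, host-sweep and odd-TCP-flag detection over connection records.

Added example for the SOC tasks above; not DOT Security code. The input is
an assumed simplified connection log, one record per line:
    ts,src,dst,dport,proto,flags
where flags is a string of TCP flag letters (S=SYN, A=ACK, F=FIN, P=PSH,
U=URG, R=RST). Every record below is constructed, not captured traffic.
"""
from collections import Counter, defaultdict

# Flag combinations a normal TCP stack never sends; scanners use them to
# probe how a target responds (NULL, FIN and Xmas probes).
ODD_FLAG_SETS = {frozenset(): "NULL", frozenset("F"): "FIN", frozenset("FPU"): "Xmas"}


def build_sample_log():
    """Constructed sample records (not real traffic)."""
    lines = [  # benign: one client talking to a web server
        "1700000000,10.0.0.7,192.168.1.20,443,tcp,S",
        "1700000003,10.0.0.7,192.168.1.20,443,tcp,S",
        "1700000005,10.0.0.7,192.168.1.20,80,tcp,S",
    ]
    # vertical port scan: 10.0.0.5 touches 20 ports on one host in 4 seconds
    lines += [f"{1700000100 + i // 5},10.0.0.5,192.168.1.10,{20 + i},tcp,S" for i in range(20)]
    # OS-fingerprinting style probes from the same scanner: NULL, FIN, Xmas
    lines += [
        "1700000105,10.0.0.5,192.168.1.10,80,tcp,",
        "1700000105,10.0.0.5,192.168.1.10,80,tcp,F",
        "1700000105,10.0.0.5,192.168.1.10,80,tcp,FPU",
    ]
    # horizontal sweep: 10.0.0.9 tries port 445 on 12 hosts in 3 seconds
    lines += [f"{1700000200 + i // 4},10.0.0.9,192.168.1.{30 + i},445,tcp,S" for i in range(12)]
    return "\n".join(lines)


def parse(text):
    """Yield one dict per non-empty log line."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, proto, flags = line.split(",")
        yield {"ts": int(ts), "src": src, "dst": dst, "dport": int(dport),
               "proto": proto, "flags": frozenset(flags)}


def max_distinct_in_window(events, window):
    """Largest number of distinct values seen within any `window` seconds.
    events: list of (ts, value) pairs; sorted in place."""
    events.sort()
    seen, start, best = Counter(), 0, 0
    for ts, value in events:
        seen[value] += 1
        while events[start][0] < ts - window:   # slide the window forward
            old = events[start][1]
            seen[old] -= 1
            if seen[old] == 0:
                del seen[old]
            start += 1
        best = max(best, len(seen))
    return best


def analyze(text, window=10, port_threshold=15, host_threshold=10):
    """Return a list of finding dicts for the records in `text`."""
    by_pair, by_port, findings = defaultdict(list), defaultdict(list), []
    for r in parse(text):
        if r["proto"] != "tcp":
            continue
        by_pair[(r["src"], r["dst"])].append((r["ts"], r["dport"]))   # ports per (src,dst)
        by_port[(r["src"], r["dport"])].append((r["ts"], r["dst"]))   # hosts per (src,port)
        if r["flags"] in ODD_FLAG_SETS:
            findings.append({"type": "odd_flag_probe", "src": r["src"], "dst": r["dst"],
                             "dport": r["dport"], "probe": ODD_FLAG_SETS[r["flags"]]})
    for (src, dst), events in by_pair.items():
        n = max_distinct_in_window(events, window)
        if n >= port_threshold:
            findings.append({"type": "port_scan", "src": src, "dst": dst, "distinct_ports": n})
    for (src, dport), events in by_port.items():
        n = max_distinct_in_window(events, window)
        if n >= host_threshold:
            findings.append({"type": "host_sweep", "src": src, "dport": dport, "distinct_hosts": n})
    return findings


if __name__ == "__main__":
    for finding in analyze(build_sample_log()):
        print(finding)
```

The thresholds and window are assumptions to tune per client; the scanner in the sample is caught three ways (21 distinct ports on one host, plus three odd-flag probes), which is the kind of corroboration an analyst wants before escalating a ticket.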
Requirements: <p><strong>Skills</strong></p> <p>Associate CSA</p> <ul> <li>Skill in recognizing and categorizing types of vulnerabilities and associated attacks.</li> <li>Skill in reading and interpreting signatures (e.g., Snort).</li> <li>Skill in detecting host- and network-based intrusions via intrusion detection technologies (e.g., Snort).</li> </ul> <p>Core CSA</p> <ul> <li>Skill in using protocol analyzers.</li> <li>Skill in collecting data from a variety of cyber defense resources.</li> <li>Skill in performing packet-level analysis.</li> </ul> <p>Senior CSA</p> <ul> <li>Skill in applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation).</li> <li>Skill in using the cyber defense service provider reporting structure and processes within one&rsquo;s own organization.</li> <li>Skill in developing and deploying signatures.</li> <li>Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.</li> <li>Skill in evaluating the adequacy of security designs.</li> <li>Skill in using incident handling methodologies.</li> <li>Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, NIST Cybersecurity Framework).</li> <li>Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning).</li> <li>Skill in conducting trend analysis.</li> </ul> <p><strong>Abilities</strong></p> <p>Associate CSA</p> <ul> <li>Ability to apply techniques for detecting host- and network-based intrusions using intrusion detection technologies.</li> <li>Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).</li> </ul> <p>Core CSA</p> <ul> <li>Ability to analyze malware.</li> <li>Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.</li> </ul> <p>Senior CSA</p> <ul> <li>All of the above at an advanced level.</li> </ul> <p><strong>Other Desired Attributes</strong></p> <ul> <li>Certifications include, but are not limited to, A+, Network+, Security+, CySA+, or other industry-recognized security analyst certifications.</li> <li>Public Trust background check (limited requirement).</li> <li>Must be able to do some light lifting.</li> <li>A bachelor&rsquo;s degree may substitute for up to two years of experience; a master&rsquo;s degree for up to four years.</li> </ul>
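The Associate-level skill "reading and interpreting signatures (e.g., Snort)" and the Core/Senior skills of validating alerts and developing signatures both rest on understanding what a rule header and its options actually test. The following is an added example written for this page, not DOT Security's or Snort's own code: it parses a small subset of the Snort rule language (header with $VARIABLE substitution, negation, CIDR and port ranges; msg, sid, flags, content and nocase options) and evaluates rules against constructed packet dicts rather than live traffic. The variable values, sample rules and sample packets are assumptions made for the example; option lists such as [a,b], pcre and byte_test are deliberately unsupported.

```python
"""Minimal Snort rule reader and matcher (added example, not Snort or DOT
Security code). Supports only a subset of rule syntax and matches against
constructed packet dicts, not live traffic."""
import ipaddress
import re

HEADER_RE = re.compile(
    r"^(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$")
OPTION_RE = re.compile(r'(\w+)(?::\s*("(?:[^"\\]|\\.)*"|[^;]*))?;')

# Assumed network variables, as they would be set in snort.conf
VARIABLES = {"$HOME_NET": "192.168.1.0/24", "$EXTERNAL_NET": "!192.168.1.0/24"}


def decode_content(spec):
    """Turn a content string with |hex| escapes into bytes: 'a|00 41|' -> b'a\\x00A'."""
    out = b""
    for i, seg in enumerate(spec.split("|")):
        out += bytes.fromhex(seg) if i % 2 else seg.encode("latin-1")
    return out


def parse_rule(text):
    m = HEADER_RE.match(text.strip())
    if not m:
        raise ValueError("unsupported rule syntax: " + text)
    action, proto, src, sport, direction, dst, dport, body = m.groups()
    rule = {"action": action, "proto": proto, "src": src, "sport": sport, "direction": direction,
            "dst": dst, "dport": dport, "msg": "", "sid": None, "flags": None, "contents": []}
    for key, val in OPTION_RE.findall(body):
        val = val.strip()
        if len(val) >= 2 and val[0] == val[-1] == '"':
            val = val[1:-1]
        if key == "msg":
            rule["msg"] = val
        elif key == "sid":
            rule["sid"] = int(val)
        elif key == "flags":
            rule["flags"] = val
        elif key == "content":
            rule["contents"].append([decode_content(val), False])
        elif key == "nocase" and rule["contents"]:
            rule["contents"][-1][1] = True      # nocase modifies the preceding content
        # rev, classtype, reference, ... are accepted but play no part in matching
    return rule


def match_addr(spec, ip):
    spec = VARIABLES.get(spec, spec)
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not match_addr(spec[1:], ip)
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)


def match_port(spec, port):
    spec = VARIABLES.get(spec, spec)
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not match_port(spec[1:], port)
    lo, sep, hi = spec.partition(":")        # forms: N, N:M, N:, :M
    if not sep:
        return port == int(lo)
    return (not lo or int(lo) <= port) and (not hi or port <= int(hi))


def flags_match(spec, pkt_flags):
    """flags:S matches exactly SYN; flags:S+ matches SYN plus any others."""
    if spec is None:
        return True
    if spec.endswith("+"):
        return set(spec[:-1]) <= set(pkt_flags)
    return set(spec) == set(pkt_flags)


def match_packet(rule, pkt):
    if rule["proto"] not in ("ip", pkt["proto"]):
        return False
    hdr = (match_addr(rule["src"], pkt["src"]) and match_port(rule["sport"], pkt["sport"])
           and match_addr(rule["dst"], pkt["dst"]) and match_port(rule["dport"], pkt["dport"]))
    if not hdr and rule["direction"] == "<>":   # bidirectional: try the reverse
        hdr = (match_addr(rule["src"], pkt["dst"]) and match_port(rule["sport"], pkt["dport"])
               and match_addr(rule["dst"], pkt["src"]) and match_port(rule["dport"], pkt["sport"]))
    if not hdr or not flags_match(rule["flags"], pkt.get("flags", "")):
        return False
    payload = pkt.get("payload", b"")
    for needle, nocase in rule["contents"]:      # every content must be present
        hay, pat = (payload.lower(), needle.lower()) if nocase else (payload, needle)
        if pat not in hay:
            return False
    return True


def evaluate(rule_texts, packets):
    """For each packet, the (sid, msg) of every rule that fires on it."""
    rules = [parse_rule(t) for t in rule_texts]
    return [[(r["sid"], r["msg"]) for r in rules if match_packet(r, p)] for p in packets]


# Constructed sample rules and packets (not from any real ruleset or capture)
SAMPLE_RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"SMB connection attempt from outside"; flags:S; sid:1000001; rev:1;)',
    'alert tcp any any -> $HOME_NET 80 (msg:"Directory traversal in HTTP request"; content:"GET "; nocase; content:"|2e 2e 2f|"; sid:1000002; rev:1;)',
]
SAMPLE_PACKETS = [
    {"proto": "tcp", "src": "203.0.113.5", "sport": 51000, "dst": "192.168.1.10", "dport": 445, "flags": "S", "payload": b""},
    {"proto": "tcp", "src": "192.168.1.50", "sport": 52000, "dst": "192.168.1.10", "dport": 445, "flags": "S", "payload": b""},
    {"proto": "tcp", "src": "203.0.113.9", "sport": 4444, "dst": "192.168.1.20", "dport": 80, "flags": "PA", "payload": b"get ../../etc/passwd HTTP/1.1"},
    {"proto": "tcp", "src": "203.0.113.9", "sport": 4445, "dst": "192.168.1.20", "dport": 80, "flags": "PA", "payload": b"GET /index.html HTTP/1.1"},
]

if __name__ == "__main__":
    for pkt, hits in zip(SAMPLE_PACKETS, evaluate(SAMPLE_RULES, SAMPLE_PACKETS)):
        print(pkt["src"], "->", pkt["dst"], pkt["dport"], hits or "no alert")
```

The second sample packet is the case an analyst validating an alert should recognize: an internal host talking SMB does not fire sid 1000001 because $EXTERNAL_NET is the negation of $HOME_NET, so a ticket claiming an "outside" SMB attempt from 192.168.1.50 would be a misread of the signature, not of the traffic.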