Security Analyst

Apply now: Security Analyst II, location is Hybrid (2 days onsite in Alexandria, VA). The start date is ASAP.

Job Title: Security Analyst II

Location-Type: Hybrid (Tues & Thurs onsite in Alexandria, VA)

Start Date Is: ASAP

Duration: Permanent

Compensation Range: $150K-$165K

Job Description:
Support and enhance security operations, ticketing processes, and incident response across various cybersecurity tools, ensuring efficient security event monitoring, troubleshooting, and process automation.

Day-to-Day Responsibilities:

• Work with IDS, IPS, SIEM, and other security tools to generate and action tickets.
• Troubleshoot and resolve security incidents, escalating as needed.
• Ensure log sources and search sources are correctly consolidated for streamlined response.
• Document security processes and work toward automating operations.
• Generate reports on security operations, incident trends, and system performance.
• Collaborate cross-functionally with cybersecurity engineers and other IT teams.
• Participate in an on-call rotation (every six weeks) for cybersecurity incidents.

Requirements:

• Must-Haves:

  • 5 years in cybersecurity and 4 years as a Security Analyst.
  • Tenure in full-time roles (ideally 3-5 years per position).
  • Hands-on experience with ITSM (ticketing systems), SIEM, IDS/IPS, next-gen firewalls, DLP, email security, and web application firewalls.
  • Strong documentation experience with the ability to create and operationalize security processes.
  • Experience investigating, blocking, and remediating malicious traffic and alerts.
  • Ability to interpret logs and analyze security events using tools like Wireshark, Fortinet Analyzer, DeepSeas, and Microsoft Defender.
  • Familiarity with scripting languages such as PowerShell, Bash, or Python for security automation.
  • Strong interpersonal skills: proactive, team player, independent, and flexible.

• Nice-to-Haves:

  • Experience in startups or Managed Security Providers (MSPs).
  • Knowledge of DFIR, IAM, PAM, NGFW, EDR, CASB, SOAR, MSSPs, and MITRE Telecommunication&CK framework.
  • Background in systems engineering or administration.
  • Relevant cybersecurity certifications (GCIH, GCIA, GMON, GCED, CISSP, CEH, Fortinet, CompTIA, or similar).
  • Bachelor's degree in cybersecurity, IT, or a related field (or equivalent experience).