Cybersecurity Data Analyst - Remote
Arlington, Virginia
Applications have closed
XOR Security is looking for a mid-level Cybersecurity Data Analyst to perform the following duties:
- Play an integral role in assessing and establishing a framework for Security Audit (Continuous) Monitoring Operations in a 24x7x365 environment comprised of High Value Assets (HVAs)
- Escalate and report potential user-related incidents by creating and updating incident cases and tickets
- Perform risk assessment analysis for Privileged Access Management (PAM) covering elevated, global and privileged users, and users with access to sensitive data sources
- Monitor Identity Access Management (IAM) capabilities to assess the repository of user identity data, the automated fulfillment of resource provisioning and de-provisioning workflows, and the request/approval mechanism that facilitates user self-service for application/resource access.
- Create deliverables in support of monitoring and analysis activities to include daily summary reports
- Review deliverables created by the User Activity Monitoring and Security Audit Monitoring teams leveraging a deep understanding of security and privacy principles and solutions.
- Confirm the accuracy of anomalous activity and incident management statistics.
- Document HVA Incident risk mitigation strategies and alternative solutions for security and Counter-Insider Threat (CINT) risk areas.
- Support resolution of identified defects through analyses, presentations and coordination meetings.
- Establish and maintain an internal CINT risk register to track potential security and privacy weaknesses.
- Provide continuous monitoring assessment and validation of Security Audit Monitoring operations where output is specified, developed and tested to meet and demonstrate compliance with security and CINT requirements.
Required qualifications
- Minimum 4 years of experience as a cybersecurity analyst
- Bachelor's degree (minimum)
- Strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
- Experience assessing and monitoring Privileged Access Management (PAM) and Identity Access Management (IAM) platforms
- Prior experience with, and the ability to, analyze information technology security events to discern which qualify as legitimate security incidents as opposed to non-incidents. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.
- Previous hands-on experience with Security Information and Event Management (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting is required (preferably Splunk).
- Strong logical/critical thinking abilities, especially when analyzing security events from host and network event sources (e.g., Windows event logs, AV, EDR, network traffic, IDS events) for malicious intent.
- Strong proficiency in report writing; a technical writing sample and a technical editing test will be required if the candidate has no prior published intelligence analysis reporting. Excellent verbal and written communication skills and the ability to produce clear and thorough security incident reports and briefings.
- A working knowledge of the various operating systems and platforms commonly deployed in enterprise networks (e.g., Windows, OS X, Linux, Solaris, RHEL, SunOS, IBM z/OS Mainframe, etc.). A conceptual understanding of Windows Active Directory is also required, along with a working knowledge of network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
- Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
Desired qualifications
- Candidates with active IRS Moderate-Risk Background Investigation (MBI) clearances are strongly desired
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering
- One or more of the following certifications: GCIA, GCED, GCFA, GCFE, GCTI, GNFA, GCIH, ECSA, CHFI, Security+, Network+, CEH.
- An understanding of researching emerging threats and recommending monitoring content within security tools.
- Familiar with DHS CISA’s Security Architecture Review (SAR) process
- Experience with performing assessments on High Value Assets (HVAs)
- Experience with one or more of the following technologies and specific tools: Splunk (including Core, Phantom and ES), Vanguard, Qualys, z/OS, Palantir, CyberArk
Closing Statement:
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements – US CITIZENSHIP REQUIRED.