Request ID: BL-9594-1 (95191117)
Local Security Analyst (Security+) with monitoring, intrusion detection, penetration testing, incident response, assessment, Scripting, Cyber Security, Unix/Windows/db/OS/networking, Splunk, BRO/Zeek, FireEye, Tenable, Stealthwatch and Cloud experience
Location: CLEMSON, SC
Duration: 6 Months Hrs/Wk: 37.50
Note: Professional References – minimum of three (3) in attached format
2 Rounds of interviews. 1 Phone and 1 in-person
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• Experience working in Security monitoring and intrusion detection; security assessments and penetration testing; incident response.
• Scripting language experience
• Application security
• Cyber security
• Incident management
• Experience with Unix, Windows, web apps, databases, strong authentication, operating systems and network security
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• Log analysis
• Web application
• Experience using security tools like Splunk, BRO/Zeek, FireEye, Tenable, and Stealthwatch.
• Windows and Linux hardening experience.
• Cloud experience
BACHELOR’S DEGREE IN COMPUTER SCIENCE OR A RELATED TECHNICAL FIELD OR EQUIVALENT RELEVANT EXPERIENCE MAY BE SUBSTITUTED.
Desired but not required: Security+
Database Platforms | Scripting Language experience | Yes | 1 | Intermediate | Within 6 Months | 2 – 4 Years
Education | Bachelor’s degree in a technical or business field | No | 1
Network Security | Application Security | Yes | 1 | Intermediate | Within 6 Months | 2 – 4 Years
Network Security | Cybersecurity | Yes | 1 | Intermediate | Within 6 Months | 2 – 4 Years
Network Security | Penetration Testing | Yes | 1 | Entry | Within 6 Months | 2 – 4 Years
Networking & Directories | Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures. | Yes | 1 | Intermediate | Within 6 Months | 2 – 4 Years
Networking & Directories | Incident Management | Yes | 1 | Intermediate | Within 6 Months | 2 – 4 Years
Additional Skills: Security+ certification desired.
Remote Work Availability: 0%
SCOPE OF THE PROJECT:
Serve as Security Analyst within the CSOC. The Cyber Security Operations Center’s (CSOC) primary responsibilities are to monitor information provided by various security technologies and to analyze that information to determine whether further action is required. The CSOC also serves as the Information Security Office’s front-line support for employees and students from across the University.
DAILY DUTIES / RESPONSIBILITIES:
Monitoring and Operations:
• Perform real-time security monitoring, detection and response to security events and incidents within the Clemson University environment.
• Conduct thorough investigations of security events generated by detection mechanisms such as SIEM, IDS/IPS, AV, etc.
• Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
• Differentiate false positives from true intrusion attempts.
• Launch and track investigations to resolution.
• Alert users of intrusions or potential intrusions and compromises.
• Sort events and escalate incidents after a thorough investigation.
Collaboration and Mentoring:
• Provide tier 2 support for incidents escalated by CSOC interns.
• Educate and mentor CSOC interns to enable them to learn and advance their Information Security abilities.
• Perform vulnerability assessments to gauge the organization against regulatory and internal policy compliance.
• Provide technical security guidance to IT staff, particularly on vulnerability remediations.
• Participate in application and infrastructure penetration tests, as well as social engineering tests.
• Maintain situational awareness of the latest cybersecurity threats, vulnerabilities, and mitigation strategies.
• Work and collaborate with researchers on cybersecurity-related research projects at Clemson University.