IT Security Analyst

Description***PLEASE NOTE --- THIS IS NOT a REMOTE role. We DO NOT offer to Sponsor visa's.***The Cybersecurity Analyst is responsible for monitoring, documenting, and supporting the cybersecurity posture of MetroNational’s information technology systems. This role involves reviewing alerts, assisting in the maintenance of cybersecurity configurations, assessing weaknesses, vulnerabilities and escalating potential vulnerabilities or incidents to senior team members. The Cybersecurity Analyst also contributes to the documentation of cybersecurity events and helps ensure compliance with established cybersecurity policies and procedures. This role uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats.ESSENTIAL DUTIES AND RESPONSIBILITIES:Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activitiesAid in the protection of the company's network and sensitive information using cyber defense tools for continual monitoring and analysis of systems to identify malicious activity includingIdentifying cyber threat tactics and methodsIdentifying and correcting gaps in the company’s cybersecurity postureTesting information systems for vulnerabilitiesDocumenting and escalating incidentsAnalyzing network alerts from various sources within the enterprise and determining possible causes of such alertsIdentifying and analyzing anomalies in network traffic or log dataMonitoring risks and implementing cybersecurity systems to prevent attacks or breachesResponding to urgent cybersecurity events and incidentsReviewing events and incidents to understand root causes Monitoring reputation for hostile content directed towards organizational or partner interestsRecommend procedures and/or changes to procedures necessary for good cyber hygieneImprove the overall cybersecurity posture of the organization’s systemsDetermine the operational and safety impacts of cybersecurity lapsesPrepare threat and target briefings and situational updatesMonitor threat activities and prepare threat activity reportsManage and report on adversarial activitiesRequirementsEDUCATION AND REQUIRED EXPERIENCE:A degree in business or technology is preferred (associate’s or bachelor’s)3-5 years of experience in IT securityExperience with intrusion detection (IDS) and intrusion prevention (IPS) systems preferredBasic scripting (Python, PowerShell, Bash)Experience with vulnerability managementExperience with network packet analysisExperience with log analysis and log managementExperience with Cloud Security Management interfaces Experience with enterprise authentication systems, such as directory services or identity management platformsExperience with Incident handling and response preferredStrong working knowledge of Microsoft 365 tenant administrative interfacesWorking knowledge of core cybersecurity concepts such as the CIA triad, encryption algorithms, and risk management processesWorking knowledge of computer networking protocols including how traffic flows across a networkWorking knowledge of cybersecurity laws and regulationsWorking knowledge of cybersecurity threats, threat characteristics, and vulnerabilities, and threat huntingAbility to prioritize security requests according to urgency and established criteriaAbility to organize information and alerts from multiple sources to create a holistic picture of cybersecurity threatsGeneral understanding of security frameworks (NIST, MITRE Attack) preferredFamiliarity with the variations between IT and OT network environmentsFamiliarity with adversarial TTPsExperience working on project teams and project management is preferredSKILLS, QUALIFICATIONS, AND OTHER REQUIREMENTS:Demonstrate excellent communication (written, verbal and listening) and interpersonal skillsSuperior organizational skills and attention to detailMust possess a proven ability to deliver high-quality customer serviceAbility to triage and prioritize security related data quicklyAbility to respond to work after hours and weekends as neededPHYSICAL DEMANDS:Requires sufficient personal mobility and physical reflexes, to permit the employee to function in a general office environment and accomplish tasks and duties as outlined above.WORK ENVIRONMENT:The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually quiet.