Threat Analyst | Remote, USA at Optiv

Overland Park, Kansas, United States

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years)Experience Level

Full TimeJob Type

UnknownVisa

CybersecurityIndustries

Requirements

Three or more years of full-time professional experience in the Information Security field
Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation
Excellent time management, reporting, and communication skills including customer interactions and executive presentations
Data analysis using SIEM, Database tools, and Excel
Experience troubleshooting security devices and SIEM
Ability to create and maintain content within SIEM environments and make recommendations to clients to better their visibility
IDS monitoring/analysis with tools such as Sourcefire and Snort
Experience with SIEM platforms preferred (QRadar, LogRhythm, McAfee/Nitro, ArcSight, Splunk)
Knowledge of direct (e.g., SQL Injection) versus indirect (e.g., cross-site scripting) attacks
Experience with attacks: Web Based Attacks and the OWASP Top 10, Network Based DoS, Brute force, HTTP Based DoS, Denial of Service, Network Based / System Based Attacks
Familiarity with SANS top 20 critical security controls
Understanding of foundations of enterprise Windows security including Active Directory, Windows security architecture and terminology, Privilege escalation techniques, Common mitigation controls and system hardening
Experience with Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)
Experience in monitoring at least one commercial AV solution such as (but not limited to) McAfee/Intel, Symantec, Sophos, or Trend Micro
Ability to identify common false positives and make suggestions on tuning
Understanding of root causes of malware and proactive mitigation
Propagation of malware in enterprise environments
Familiarity with web-based exploit kits and the methods employed by web-based exploit kits
Familiarity with concepts associated with Advanced Persistent Threats and “targeted malware.”
Experience and understanding of malware protection tools (FireEye) and controls in an enterprise environment
Covert channels, egress, and data exfiltration techniques
Shift flexibility, including ability to rotate between days, mids, and nights (Night Shift from Sunday through Wednesday preferred, with flexibility)

Responsibilities

Provide intrusion/incident monitoring and detection utilizing customer provided data sources, audit, and monitoring tools at both the government and enterprise level
Work closely with Technology Analysts and Architects to service customers
High level professional writing experience regarding documenting and reporting on potential security incidents identified in customer environments and timeline of events
Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets
Act as a coordinator for security events that require urgent response, containment, and remediation
Provide analysis on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc
Perform knowledge transfers, document, and train clients regarding mitigation of identified threats
Provide ongoing recommendations to other peers and customers on tuning and best practices
Actively research current threats and attack vectors being exploited in the wild
Actively work with other analysts and perform investigations on escalations

Skills

SIEM

Intrusion Detection

Incident Response

Threat Analysis

Security Monitoring

Vulnerability Assessment

Firewalls

Malware Analysis

Web Application Firewalls

Professional Writing

Optiv

Cybersecurity advisory and solutions provider

About Optiv

Optiv helps businesses manage and reduce cyber risks by providing advisory services and solutions tailored to their specific needs. Their services cover the entire cybersecurity lifecycle, including strategy development, technology validation, and implementation of security measures. They serve nearly 6,000 clients across various industries, such as retail, manufacturing, and healthcare, ensuring that sensitive information is protected and digital systems remain secure. Unlike many competitors, Optiv focuses on customized solutions and ongoing support, adapting to the evolving cybersecurity landscape. Their goal is to empower organizations to secure their operations effectively and prepare for future challenges in technology, such as AI and IoT.

Denver, ColoradoHeadquarters

2015Year Founded

$12MTotal Funding

ACQUISITIONCompany Stage

Cybersecurity, AI & Machine LearningIndustries

1,001-5,000Employees

Risks

Rising competition from AI-driven cybersecurity firms like Secuvy.

Complexity in managing numerous cybersecurity tools may hinder effectiveness.

Meeting Zero Trust compliance deadlines requires significant investments.

Differentiation

Optiv offers comprehensive cybersecurity solutions tailored to diverse industry needs.

The company excels in Zero Trust architecture implementation for federal agencies.

Optiv's Future Point initiative explores AI, quantum computing, and IoT impacts.

Upsides

Optiv's AI Security Services enhance innovation and efficiency for clients.

Recognition as a leader in IDC MarketScape boosts Optiv's consulting credibility.

Increased cybersecurity budgets reflect growing demand for Optiv's services.

Land your dream remote job 3x faster with AI

Try Jobo Free