Location: Holmdel, NJ
Description: Our client is currently seeking a Security Monitoring Analyst: InfoSec Opportunity in Holmdel, NJ
• Monitor for and detect security events from SIEM, Log collection Engines and other security technologies, such as Splunk
• Perform investigations using various Monitoring Security technologies (i.e. IDS/IPS, DLP, etc.)
• Review alerts escalated by end users
• Perform initial triage of incoming issues (initially assessing the priority of the event, initial determination of event to determine risk and damage or appropriate routing of security or privacy data request)
• Monitoring of health alerts and downstream dependencies
• Provide limited response to end users for low complexity security events
• Review and take a proactive approach to false positive and work with the various Security teams to tune and provide feedback to improve accuracy of the alerts.
• Document, investigate and Notifying appropriate contact for security events and response
• Takes an active part in the resolution of events, even after they are escalated
• Must participate in an on-call roster
• Collaborate with technical teams for security incident remediation and communication
• Conducts proof of concepts, vendor comparisons and recommend solutions in line with business requirements
• Conducts security research on threats and remediation methods
• Contributes to strategic planning to evaluate, deploy or update security technologies
• Creates process improvement by identifying inefficiencies and solutions for process improvements
• Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review
• Promotes cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting
• Ability to demonstrate understanding of Security investigations process and procedures
• Experience writing correlation searches in Splunk ES
• Ability to demonstrate technical experience working with enterprise security technologies like SIEM, antivirus/malware, IDS, WAF, DDoS mitigation platforms.
• General network knowledge, TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
• Understanding of common network services (web, mail, DNS, authentication)
• Demonstrate ability to work with an Incident Management Tool (RSA Archer, ServiceNow).
Preferred Training, Qualifications, and Certifications
• CEH: Certified Ethical Hacker
• SEC401: Security Essentials
• SEC511: Continuous Monitoring and Security Operation
• GCIA: GIAC Certified Intrusion Analyst
• GCIH: GIAC Certified Incident Handler
Onsite at Bell Works- Holmdel, New Jersey
working shifts either Sun-Wed 8AM - 6PM or Wed-Sat 8AM-6PM
4 Day Schedule. People Love working this in the group.!!
This is a local security operations center. They have two crews that work 8am to 6pm Wednesday to Sunday.
seven days of tier 2 and tier three cyber security events. Splunk simulates cyber security events.
Experience with Crowd Strike is a huge bonus.
Performing log analysis for intrusion detection systems.
Windows/Linux Cyber Security Activioty.
Working in a SOC environment.
Please email Tcavaleri@judge.com for immediate consideration. Looking to set up interviews ASAP.