Cyber Security Analyst

at Collabera
Location Santa Ana, CA
Date Posted February 29, 2020
Job Type Full-time



Must haves:



  • 3-5 yrs of SOC Analyst experience (technical lead)
  • Knowledge of LogRhythm
  • Security cert or CISSP
  • Work in a 24/7 environment

This position will be responsible for Cyber Intelligence and Vulnerability Assessment for the 24/7 Security Operations Center (SOC). The candidate must have a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and at least 5 years’ experience including experience in collecting, synthesizing, fusing, or authoring unclassified and classified cyber threat intelligence products as well as experience in vulnerability assessment and penetration testing.

Job Specific Responsibilities:

  • Develop moderately complex security designs and test plans using existing technology.
  • Perform and document root cause analysis for security incidents.
  • Perform and document vulnerability analyses.
  • Develop cyber security analytics and threat intelligence using multiple data sources provided to the Security Information and Event Management (SIEM) system.
  • Work closely with the CISO to identify and recommend process and system improvements to the security program.
  • Create relevant documentation and recommendations for changes to the current security architecture.
  • Drive the capabilities and execution to effectively optimize and improve enterprise security.
  • Demonstrate expert level knowledge of security services and implementations.
  • Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 1 engineers.
  • Document and escalate appropriate events and incidents to a Tier 3 engineer.
  • Examine cyber adversary techniques in order to develop defensive methodologies.
  • Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
  • Conduct vulnerability assessments and recommend remediation and mitigation strategies and implementations to ensure effective achievement of the organizational objectives.
  • Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure enterprise infrastructure is protected.
  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  • Work with the CISO to develop a metrics program to report on overall SOC performance and effectiveness.


  • Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and a minimum of five years of experience in Cyber Security.
  • Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
  • Demonstrated Experience with Cyber Intelligence & Vulnerability Assessment including expert experience in at least two of the following areas:

(a) Vulnerability Assessment;
(b) Intrusion Prevention and Detection;
(c) Access Control and Authorization;
(d) Policy Enforcement;
(e) Application Security;
(f) Protocol Analysis;
(g) Firewall Management;
(h) Incident Response;
(i) Encryption;
(j) Web‐filtering;
(k) Advanced Threat Protection


  • Security and/or CySA, plus CCNA Certification.
  • Experience with Nessus vulnerability scanning.
  • Experience with Security Information and Event Management Tools (LogRhythm).
  • Experience with vulnerability assessment tools (Nessus).
  • Experience writing moderately complex scripts.
  • Understanding of networking concepts and technologies including TCP/IP, Routing, Switching, NAT, OSI Model, etc.
  • Ability to manage multiple projects and multiple deadlines in an organized fashion.
  • Understanding of advanced data analysis and management concepts.
  • Technical writing abilities to author technical and management risk reports.


  • Certified Information Systems Security Professional (CISSP)
  • SANS/GIAC certifications
  • Cisco WLAN certification
  • Experience in Information Assurance Policy and Guidelines
  • NIST Special Publication 800-53
  • NIST Cybersecurity Framework
  • ITIL Foundation Level or higher Certification