Date Posted: November 11, 2021
Security Clearance required: Must be able to pass a federal background investigation and obtain a Public Trust
Location: Greenville, SC
Position Summary: The Cybersecurity Defense Analyst will analyze and conduct cyber network defense on events that occur within IT environments in the area of responsibility for the purpose of mitigating threats. This position is part of a 24x7x365 Cybersecurity Operations Center (SOC) responsible for the overall security of Enterprise-wide information systems, data, and networks. The SOC's objectives are to protect against, detect, respond to, and remediate Information Security (IS) threats to the Enterprise and associated systems. During operations you will perform continuous monitoring of IT systems, network and asset intrusion detection, and proactive and reactive defense techniques to safeguard IT data. Additionally, you will assist other team members with tasks relating to digital forensics, legal investigations, information gathering, IT troubleshooting, and threat landscape gap analysis.
- Ability to bring actionable insight during early IT planning phases, highlighting compliance and configuration improvements that can be applied before IT assets and data are live on the enterprise network.
- Provide support for installation, configuration, patching, and day-to-day administration and maintenance of cyber managed services and tools, including:
  - Intrusion Detection System (IDS)
  - Vulnerability Management Systems
  - IT Service Intelligence Systems (ITSI)
  - Proxy Services
  - Certification Authority Services
  - Threat Intelligence Platforms
  - Data Loss Prevention (DLP)
- Ability to analyze security events, threat signatures, correlated search algorithms, and external threat intelligence, and to recommend and/or apply security practices aimed at minimizing the threat to the organization(s) the SOC serves.
- Conduct continuous monitoring, evaluate risk, apply priority and urgency based on the asset and identity involved, and identify security gaps within the enterprise.
- Perform network (LAN and WLAN) collection tactics, techniques, and procedures, including decryption capabilities and tools.
- Ability to interpret the information collected by network services and tools (e.g., Splunk, Snort, Syslog, Wireshark, nmap, nslookup, Tenable, EDR).
- Provide proactive defensive techniques that prevent threats based on packet signatures, threat intelligence, correlated data events, alerts, and security events, in support of confidentiality, integrity, availability, authentication, and non-repudiation.
- Provide briefs, documentation, and reports on network health, the current enterprise threat landscape, and Indicators of Compromise (IoCs) to internal and external organizations for daily, weekly, and monthly presentations.
- Ability to accurately and completely source all data used in IT intelligence, assessment, and/or planning products.
Essential Skills, Experience, and Certifications:
- Must have a DoD 8570 IAT Level II, or higher, recognized cybersecurity certification such as Security+ CE, CCNA Security, CySA+, GSEC, CASP, CCNP Security, CISSP, etc.
- Must have flexible scheduling availability, as the CSOC conducts 24x7x365 operations and has rotating shifts.
- Experience with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, etc.)
- Experience with cybersecurity tools (e.g., SIEM, SOAR, EDR, AV, IDS, IPS, NGFW)
- A good understanding of the OSI Model
- Practiced in well-written technical documentation and clear communication
- Experience with Splunk Enterprise
- Experience with Palo Alto Networks products (e.g., Cortex XDR, Cortex XSOAR, PAN-OS)
- Experience with at least one of the following:
  - Red Hat Enterprise Linux
  - IT administration for OSX and iOS assets
  - Microsoft OS
- Knowledge of Cloud Architecture
- Experience with Infrastructure as Code platforms:
  - HashiCorp Suite
Physical Demands and Work Environment:
The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Physical Demands: While performing the duties of this job, this position requires the ability to sit for potentially long periods of time throughout the workday; hearing sufficient to understand conversations, both in person and on the telephone; and dexterity of hands and fingers to operate a computer keyboard, mouse, and power tools, and to handle other computer components for potentially long periods of time without experiencing abnormal hand, wrist, or eye strain. Occasional inspection of cables in floors and ceilings. Lifting and transporting moderately heavy objects, such as computers and peripherals. Must be able to lift up to 50 pounds.
- Work Environment: Includes a typical office environment, with minimal exposure to excessive noise or adverse environmental conditions, including exposure to heat, cold, inclement weather, and occasional environmental hazards. Local, regional, and national travel may be required.
- Medical, Dental, Vision Plan
- AD&D and Life Insurance
- Paid Federal Holidays
- Paid Time Off
- 401(k) Retirement Plan
Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone at 828-398-5414 or by email.