Cyber Security Operations Analyst
The Washington Post is a growing publishing, multi-media and technical company that builds software to meet the needs of The Post as well as making the same software available to other publishers around the world.
The Washington Post is seeking a contract-to-hire Cyber Security Operations Analyst who will conduct technical activities aimed at preventing and responding to cyber incidents, along with advising the company on a wide variety of information security issues, concerns, and problems. A Cyber Security Operations Analyst conducts incident triage, analyzes the severity of incidents, and resolves them with assistance from other teams as required.
Responsibilities are Grouped as Follows:
- Acquire infected machines and then detect the artifacts and impact of exploitation through process
- Provides in-depth technical advice for investigations of information security incidents including internal frauds, hacker break-ins, and system outages.
- Helps formulate response to security threats.
- Derive relevant Indicators of Compromise (IOCs) from malicious executables to strengthen incident response and threat intelligence.
- Apply the SANS Top 20 and OWASP Top 10 as they pertain to Washington Post systems.
- Assist developers, users, and other internal staff in their efforts to establish and maintain adequate audit trails to quickly resolve business and technical problems, and to maintain secure and reliable information systems within The Washington Post.
- Support security operations by automating data collection, analysis, and report generation using scripting languages (Shell / Perl / Python / Ruby).
- Reviews requirements statements, feasibility analyses, operating procedures, and other documents produced during the systems development process to ensure appropriate security measures are included.
- Develops detailed proposals and plans for new information security systems that would improve the capabilities of The Washington Post networks or shared information systems.
- Educates and advises others regarding the application of information security policies, standards, and other requirements to specific information systems. Helps develop solutions to comply with these information security requirements.
SOC System Admin Support
- Assists with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements.
- Provides technical advice to those who install, administer, and update computer-based access control systems.
EDUCATION - Bachelor's degree preferred; focus in computer science or related technical field preferred.
EXPERIENCE - Minimum of 2 years of relevant professional experience required.
CERTIFICATION - Relevant certification a plus.
PREFERRED EXPERIENCE & SKILLS
- Demonstrated knowledge of risk management and risk assessment tools / techniques.
- Experience conducting forensics on infected machines and detecting the artifacts and impact of exploitation through process, file, memory, and log analysis.
- Demonstrated analytic, problem solving, and root cause analysis skills.
- Demonstrated analytic and problem-solving skills.
- Demonstrated problem-solving skills with the ability to think quickly, remain calm under pressure, and work with others in a client-oriented environment.
- Must be a self-starter with strong organizational skills.
- Familiarity with Unix, Windows, datastores, client-server systems architecture, and web development system architecture.
- Experience analyzing network packet captures and proxy cache files to enable follow-on malware analysis or definitive data loss determinations.
- Experience conducting statistical protocol analysis on all systems (data, VoIP) and detecting protocol misuse.
- Experience using various AWS Tools.