Security Analyst III

Job Profile Summary

Perform real-time monitoring and analysis of security events from multiple sources. Identify source or cause and provide recommendations for secure infrastructure through policy, practices, risk management, engineering, and improved operations. Responsible for adhering to company security policies and procedures and any other relevant policies and standards as directed.

Critical Competencies

• Excellence: Exceeds expectations by consistently demonstrating accountability, discipline, high performance, and a proven track record of exceptional results
• Customer-driven: Prioritizes customer needs and satisfaction through collaborative and proactive problem-solving, and an unwavering commitment to customer success
• Expertise: Possesses deep understanding of customer needs and continually grows and enhances skills to provide customer-focused solutions
• Agility: Quickly adapts and responds to dynamic customer needs and expectations through innovative solutions.
• Compassion: Cultivates a positive and supportive environment to effectively work together towards a common goal, fostering trust within Rackspace and with external stakeholders

Key Responsibilities

• Other Incidental tasks related to the job, as necessary.
• Monitor and analyze log files from a variety of sources, including but not limited to NIDS, HIDS, firewall logs, and system logs (Windows and Unix) to identify possible threats to network security
• Triage security events: assess the priority and determine risk
• Receive escalations of events from lower level analysts
• Use the Cyber Kill Chain, current intelligence information, and investigative techniques to proactively review customers environments searching for anomalous behavior
• Identify, modify, and manipulate applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files)
• Reconstruct cyber events, assess cyber threat and scope of impact, identify and track any internal lateral or external movement, and develop response solutions
• Interact with security community to obtain technical cyber threat intelligence; track cyber threat actors/campaigns based on technical analysis and open source/third party intelligence
• Research and track new exploits and cyber threats; conduct cursory and/or in-depth computer forensic investigations (i.e. packet captures, endpoint behaviors, etc.), or collaborate with peers when appropriate for hand-offs/escalations
• Conduct analysis of malicious code and weaponized documents through behavioral analysis or reverse engineering.
• Communicate and report on key intelligence, analysis and response activities, relevant metrics, and KPIs
• Work as a part of an Incident Response Team to investigate and remediate active threats while accurately documenting results using standard incident response techniques and the incident response process

Knowledge

• Intermediate knowledge of various Compliance Regulations/ Standards; PCI, ISO27001, Audit Standard #70, Safe Harbor, HIPPA and FISMA
• Intermediate knowledge of IT Risk Management, Governance, Risk and Compliance, Information Security, Data Privacy, Vendor Management, and/or Business Continuity Management

Skills

• Analytical Skills
• Cloud Computing
• Cybersecurity
• Database Management
• ERP Software Skills
• Audit Skills
• Investigative Skills
• Low Voltage Cabling
• Network/Systems Skills
• Process Improvement
• Project Management
• Risk Assessment/Management
• Strategic Planning
• Vendor Management

Certifications

• Sec+, GSEC, and Net+ certifications required Prefer completion of, or work toward, SANS GIAC/GCIA/GCIH/GCFA, etc. or other network/system security certifications

Experience

• 5 - 7 years of experience in the field of role required