
Security Analyst



Location: Seattle, WA
Job # 9538170
Date Posted: 06-29-2017
Day to Day:
  • Monitor internal network, user traffic patterns, and alerts for anomalies, researching specific events or traffic details and escalating, as necessary
  • Triage incoming bug bounty submissions, and prioritize valid finds for remediation
  • Assist in Continuous Monitoring Efforts, by using tools to conduct scans, report on security vulnerability remediation status, and provide system inventories
  • Respond to escalated customer and employee security questions and concerns
  • Provide guidance to in-house Analyst, grounded in experience, reason, and operational feasibility.
Most Critical Skills: (Experience with the following Tasks) 
  • 2-3 years’ experience reviewing logs from disparate applications and systems and identifying suspicious behavior 
  • Comfortable working in heterogeneous development and production environments where you’ll be working with multiple development languages, technologies, and cloud service providers.
  • Direct experience working with cloud-deployed infrastructure.
  • Proficiency with developing correlation rules for SIEM or other log correlation technologies.
  • Experience creating and reviewing SNORT signatures
Current Environment Tools: (Make sure resource has familiarity with/knowledge of many of these)
  • Nessus for scanning
  • Burp Suite for web app scanning
  • Osquery for asset/patch management
  • Sumo Logic for log management and log storage – offsite; for monitoring of stats & traffic patterns
  • 60 engineering & prod development - they use different tools for on-call (integrity & availability), most data is public data
  • MetaFlows internally for NIDS & SIEM
  • PAN firewalls - just firewall functionality 
  • ClamAV, Sophos on corp machines
  • Access management - IAM management into AWS instances
  • Web facing for client instances
  • Access managed through client directory services (Okta & direct SAML integration)
  • Access from corp to AWS is via bastion, MFA, SSH to certain hosts
Resumes to recruiter@romackinc.com