Apply now: Security Analyst II, location is Hybrid (2 days onsite in Alexandria, VA). The start date is ASAP.
Job Title: Security Analyst II
Location-Type: Hybrid (Tues & Thurs onsite in Alexandria, VA)
Start Date: ASAP
Duration: Permanent
Compensation Range: $150K-$165K
Job Description: Support and enhance security operations, ticketing processes, and incident response across various cybersecurity tools, ensuring efficient security event monitoring, troubleshooting, and process automation.
Day-to-Day Responsibilities:
- Work with IDS, IPS, SIEM, and other security tools to generate and action tickets.
- Troubleshoot and resolve security incidents, escalating as needed.
- Ensure log sources and search sources are correctly consolidated for streamlined response.
- Document security processes and work toward automating operations.
- Generate reports on security operations, incident trends, and system performance.
- Collaborate cross-functionally with cybersecurity engineers and other IT teams.
- Participate in an on-call rotation (every six weeks) for cybersecurity incidents.
Requirements:
- Must-Haves:
- 5+ years in cybersecurity and 4+ years as a Security Analyst.
- Tenure in full-time roles (ideally 3-5 years per position).
- Hands-on experience with ITSM (ticketing systems), SIEM, IDS/IPS, next-gen firewalls, DLP, email security, and web application firewalls.
- Strong documentation experience with the ability to create and operationalize security processes.
- Experience investigating, blocking, and remediating malicious traffic and alerts.
- Ability to interpret logs and analyze security events using tools like Wireshark, Fortinet Analyzer, DeepSeas, and Microsoft Defender.
- Familiarity with scripting languages such as PowerShell, Bash, or Python for security automation.
- Strong interpersonal skills: proactive, team player, independent, and flexible.
- Nice-to-Haves:
- Experience in startups or Managed Security Providers (MSPs).
- Knowledge of DFIR, IAM, PAM, NGFW, EDR, CASB, SOAR, MSSPs, and the MITRE ATT&CK framework.
- Background in systems engineering or administration.
- Relevant cybersecurity certifications (GCIH, GCIA, GMON, GCED, CISSP, CEH, Fortinet, CompTIA, or similar).
- Bachelor's degree in cybersecurity, IT, or a related field (or equivalent experience).