Security Analyst II
To see similar active jobs please follow this link: Remote System Administration jobs
Job Summary
Supervise monitoring of security events and alerts received from ISOC security tools. Manage end user reported incidents. Responsible for the first line of security incident response within the Rackspace ISOC. Hunt for suspicious activity based on anomalous activity and indicators of compromise from various intelligence feeds and toolsets. Serve as the technical escalation point and mentor for lower-level analysts. Provide communication and escalation throughout an incident per the ISOC Standard Operating Procedures. Report potential and actual security violations and provide recommendations. Communicate directly with end users and asset owners. Perform in-depth analysis of log files, systems, and network traffic. Maintain a strong awareness of the current threat landscape. Create knowledge base articles for handling low severity incidents.
Work Location: Remote
- Role can work remotely in the states of Ciudad de Mexico, Jalisco, Nuevo Leon, Aguascalientes, Queretaro, Estado de Mexico and Puebla. You need to be based in Mexico at one of these locations.
In this role you will:
Monitor global NIDS, Firewall, and log correlation tools for potential threats.
Initiate escalation procedure to counteract potential threats/vulnerabilities.
Provide incident remediation and prevention documentation. Document and conform to processes related to security monitoring.
Provide performance metrics as necessary. Provide customer service that exceeds our customers’ expectations.
Qualifications:
Strong knowledge and understanding of network protocols and devices.
Experience in intrusion analysis and incident response.
Strong experience with Mac OS, Windows, and Unix systems. Demonstrable problem solving, analytical skills and attention to detail. Strong verbal and written communication skills. Packet and log analysis.
Ability to handle high pressure situations in a productive and professional manner.
Document and conform to processes related to security monitoring. Provide incident investigation, handling, and response to include incident documentation.
Strong time management, skills with the ability to multitask.
Ability to work a flexible work schedule, including weekends.
Provide training and mentorship to lower-level security analysts.
Provide tuning recommendations for security tools to tool administrators. Provide tuning recommendations for security tools to tool administrators.
Strong knowledge of the following: SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus, Network Access Control, Encryption, Vulnerability Identification.
Experience / Education:
Bachelor’s degree in Computer Science or equivalent combination of education and experience required. High school diploma or equivalent required.
GCIA required. GCIH, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred.
2-4 years of experience in a security operations center (SOC) environment required.
Experience with SIEM (i.e. Arcsight, QRadar) Sourcefire, FireEye, Snort or an equivalent tool required.
Basic system administration skills.
Experience with reviewing raw log files, data correlation, and analysis (ie. System logs, netflow, firewall, IDS) required.
Experience in creating Snort signatures required.
Shift from Sunday to Wednesday, 8am to 7pm CST
Discover your inner Racker: Racker Life
#LI-GP1
#LI-Remote
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
About the job
Security Analyst II
To see similar active jobs please follow this link: Remote System Administration jobs
Job Summary
Supervise monitoring of security events and alerts received from ISOC security tools. Manage end user reported incidents. Responsible for the first line of security incident response within the Rackspace ISOC. Hunt for suspicious activity based on anomalous activity and indicators of compromise from various intelligence feeds and toolsets. Serve as the technical escalation point and mentor for lower-level analysts. Provide communication and escalation throughout an incident per the ISOC Standard Operating Procedures. Report potential and actual security violations and provide recommendations. Communicate directly with end users and asset owners. Perform in-depth analysis of log files, systems, and network traffic. Maintain a strong awareness of the current threat landscape. Create knowledge base articles for handling low severity incidents.
Work Location: Remote
- Role can work remotely in the states of Ciudad de Mexico, Jalisco, Nuevo Leon, Aguascalientes, Queretaro, Estado de Mexico and Puebla. You need to be based in Mexico at one of these locations.
In this role you will:
Monitor global NIDS, Firewall, and log correlation tools for potential threats.
Initiate escalation procedure to counteract potential threats/vulnerabilities.
Provide incident remediation and prevention documentation. Document and conform to processes related to security monitoring.
Provide performance metrics as necessary. Provide customer service that exceeds our customers’ expectations.
Qualifications:
Strong knowledge and understanding of network protocols and devices.
Experience in intrusion analysis and incident response.
Strong experience with Mac OS, Windows, and Unix systems. Demonstrable problem solving, analytical skills and attention to detail. Strong verbal and written communication skills. Packet and log analysis.
Ability to handle high pressure situations in a productive and professional manner.
Document and conform to processes related to security monitoring. Provide incident investigation, handling, and response to include incident documentation.
Strong time management, skills with the ability to multitask.
Ability to work a flexible work schedule, including weekends.
Provide training and mentorship to lower-level security analysts.
Provide tuning recommendations for security tools to tool administrators. Provide tuning recommendations for security tools to tool administrators.
Strong knowledge of the following: SIEM, Packet Analysis, SSL Decryption, Malware Detection, HIDS/NIDS, Network Monitoring Tools, Case Management System, Knowledge Base, Web Security Gateway, Email Security, Data Loss Prevention, Anti-Virus, Network Access Control, Encryption, Vulnerability Identification.
Experience / Education:
Bachelor’s degree in Computer Science or equivalent combination of education and experience required. High school diploma or equivalent required.
GCIA required. GCIH, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred.
2-4 years of experience in a security operations center (SOC) environment required.
Experience with SIEM (i.e. Arcsight, QRadar) Sourcefire, FireEye, Snort or an equivalent tool required.
Basic system administration skills.
Experience with reviewing raw log files, data correlation, and analysis (ie. System logs, netflow, firewall, IDS) required.
Experience in creating Snort signatures required.
Shift from Sunday to Wednesday, 8am to 7pm CST
Discover your inner Racker: Racker Life
#LI-GP1
#LI-Remote
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.