Cyber Defense Analyst

Job Description Summary:
The Cyber Defense Analyst will work under direction of the IT Security Supervisor and Team Lead in the Eversource Security Operations Center (SOC), which is responsible for managing and protecting computer assets, networks and information systems. The Cyber Defense Analyst position will act as the secondary lead for proper handling of Information Security incident investigations. To accomplish these tasks, they must have an advanced understanding of digital investigations and incident response. In addition, the Cyber Defense Analyst will use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
+ Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
+ Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
+ Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
+ Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
+ Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
+ Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
+ Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information.
+ Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
+ Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
+ Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
+ Work with stakeholders to resolve computer security incidents and vulnerability compliance.
Technical Knowledge/Skill:
+ Knowledge of defense-in-depth principles and network security architecture.
+ Knowledge of cyber defense policies, procedures, and regulations.
+ Knowledge of the common attack vectors on the network layer.
+ Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
+ Knowledge of basic system administration, network, and operating system hardening techniques.
+ Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
+ Knowledge of Windows/Unix ports and services.
+ Knowledge of general kill chain (e.g., foot-printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
+ Knowledge of network mapping and recreating network topologies.
+ Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
+ Knowledge of operating system command line/prompt.
+ Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
+ Knowledge of OSI model and network protocols/services (e.g., TCP, UDP, IP, DHCP, DNS, etc.).
+ Knowledge of how to use network analysis tools to identify vulnerabilities.
+ Knowledge of penetration testing principles, tools, and techniques.
_Education/Experience:_ Bachelor of Science degree from an accredited four-year college or university in Computer Science, Engineering, or related discipline, or equivalent work experience and technical training.
EEO Statement
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRAA Federal Contractor
