Security Analyst; SIEM, EDR​/XDR, IPS​/IDS

Trigyn's direct government client has a long-term contract assignment for Security Analyst in Columbia, SC (Hybrid). The particulars of the position are as follows.

• The consultant should be an expert security administration and security continuous monitoring.
• The consultant should be an expert in performing log analysis, risk analysis, incident response processes, and investigation procedures. This includes experience working in a security operations center and working with security tools including SIEM, EDR/XDR, IPS/IDS. The consultant should have experience with data blending and report generation.

• Planning, implementing, upgrading, and monitoring security measures for the protection of computer network security and information ? both LAN and cloud based.
• Develop and implement security policies, procedures, and standards to protect the organization's data and assets.
• Monitoring and reporting on SIEM and EDR event data.
• Maintaining records of security events investigated and incident response activities.
• Serve as a Tier III security support on the agency’s security team.
• Conduct security assessments of systems, networks, and applications to identify vulnerabilities and risks.
• Work with and provide mentorship to other information security team members on security strategies, processes, response, and technologies.
• Respond to security incidents and breaches, and work to mitigate the impact and prevent future incidents.
• Provides incident response support, threat assessment, and computer forensic investigations.
• Coordinate and assist with other Information Technology functions/teams to accomplish agency security objectives.
• Creating risk analysis documents when reviewing system functional specifications including use cases, activity, sequence, data flow, collaboration, and diagrams.
• Create security report using complex SQL queries, API integrations, and Power BI.
• Knowledge of blue team tools such as SCAP workbench, vulnerability scanning, and hardening techniques.
• Knowledge of red team tools such as Nmap, Wireshark, Metasploit, and password crackers.

• 4+ years of experience with SIEM, EDR/XDR, and IPS/IDS
• 4+ years of experience with security documentation
• 4+ years of experience with C/C++, Python, or Power Shell
• 4+ years of experience with Red/Blue Team
• 4+ years of experience with Office 365 Security Administration

• Bachelor’s or higher degree in Computer Science or other quantitative discipline or equivalent work experience.

• Preference will be given to experienced Security Operation Center (SOC) security analyst.
• SQL/Scripting (reports and automation) experience.

• CISSP
• CCSP
• SSCP
• CEH

For Immediate Response call , or send your resume to

TRIGYN TECHNOLOGIES, INC. is an EQUAL OPPORTUNITY EMPLOYER and has been in business for 35 years. TRIGYN is an ISO 9001:2015, ISO 27001:2013 (ISMS), ISO 20000:2018 and CMMI Level 5 certified company.