Principal Security Analyst
What you’ll be doing...
Verizon Enterprise Solutions, the creators of the industry-renowned Data Breach Investigations Report (DBIR), and home to one of the world’s largest internet backbones, is seeking a Principal Security Analyst to work as an integral part of our federal Advanced Security Operations Center. This position comes with management commitment and encouragement that will foster your growth, and our competitive benefits are in the top 1% for employers in our industry and employers of our size.
The Principal Security Analyst will be responsible for analyzing the most complex threats, acting as an escalation point for other security analysts, and managing Splunk implementations for managed security services customers, as well as use case creation, dashboards, tuning, and log source configuration. As a Splunk Analyst you will:
- Be responsible for advanced security event detection and threat analysis for complex and/or escalated security events
- Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions
- Validate log sources and indexed data, search through indexed data to optimize search criteria
- Add Customer Context, eliminate “noise” and false positives, and develop trends and data models
- Distill Customer intelligence feeds; use cases, trends and data models
- Create custom alert schema, reports and custom dashboards
What we’re looking for...
You Must Have:
- 4+ years direct experience with Splunk as an Engineer or Administrator
- 7+ years of experience investigating network threats with advanced analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs, etc.
- TCP/IP networking skills to perform packet and log analysis
- Must be a motivated and customer-focused SIEM engineer who can work as a subject matter expert. Requires expert level understanding of SIEM platforms
- Strong understanding of Splunk Use Case creation, Dashboards and Tuning
- Strong Splunk Enterprise Security (ES) experience to include Index Design, Infrastructure, Data Collection, Deployment Management, Data Enrichment, Querying, Integration and Operations
- Security Analysis experience to include incident classification, investigation and remediation
- Must have, or be qualified to obtain, a government clearance at the Secret level
Ideally you'll also have:
- Linux, Perl, Python scripting
- SANS or other Security industry certifications such as GIAC, GSEC, GCIA, GCIH, GREM, GPEN or OSCP
- ArcSight or RSA Security Analytics experience
- RSA Archer Security Operations Management experience
- Bachelor’s Degree preferred
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
We’re proud to be an equal opportunity employer – and celebrate our employees’ differences, regardless of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.