IT Security Threat and Vulnerability Analyst


Location: New York
Job type: Permanent
Sector: IT & Communications

Posted Date

5 months ago (5/31/2018 10:12 PM)

Job ID

2018-1911

# of Openings

1

Category

Information Technology

City

Purchase

State

NY

Company

Atlas Air, Inc

Overview

This position is responsible for supporting vulnerability management, threat management, and incident response processes.

Responsibilities

* Investigating security alerts.
* Research, extraction, and dissemination of open source intelligence (OSINT) on threat actors targeting the aviation industry.
* Performing threat analysis and threat hunting and advanced analytic activities.
* Submitting observed threat information to information sharing networks including US-CERT and the Aviation ISAC.
* Reviewing security and threat intelligence bulletins from open and closed sources.
* Importing threat indicators into monitoring systems.
* Conducting vulnerability scanning and reporting results.
* Maintenance of vulnerability scanning tools.
* Conducting simulated phishing campaigns.
* Documentation of methods and procedures.
* Perform penetration testing on applications and infrastructure and recommend action plans.
* Review patch releases from vendors including Microsoft and assess risk and recommended actions to patch bulletins. Work with operations groups to orchestrate patch deployments.
* Monitor security alerts from ArcSight SIEM across a 3500+ user WAN for potential intrusions and policy breaches.
* Assist with the development, implementation, and tuning of monitoring use cases as needed upon emergence of new applications, threats, and policies.
* Develop signatures and rules for detecting and blocking threats.
* Support the incident response process by providing advanced analysis services when requested including recommendation of containment and remediation processes, independent analysis of security events, and reporting of identified incidents.
* Maintain incident response documentation.
* Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.
* Provide off-hour support as required.

Qualifications

* The qualified candidate must have at least 5 years’ experience working with IT security monitoring and vulnerability management.
* Experience preparing and/or presenting reports and briefings is required.
* Must be able to obtain and maintain a US Government security clearance.
* Understanding of common vulnerabilities and exploits is required.
* Knowledge of the cyber threat landscape including types of adversaries and the motivations that drive them is required.
* Proficiency in both Windows and Linux is required.
* Experience analyzing security events and differentiating between incidents and non-incidents is required.
* Experience in configuring and operating vulnerability scanning tools such as Nessus, Qualys, Nexpose, etc. is required.
* Penetration testing experience strongly desired.
* Experience in SIEM technologies such as ArcSight, Splunk, QRadar is desired.
* Experience with threat hunting and cyber intelligence is desired.
* Experience with malware analysis and reversing is desired.
* Strong understanding of the TCP/IP protocol suite, the OSI model, network services such as DHCP and DNS, and layer 2 and 3 networking technologies and protocols is desired.
* S. Degree in Computer Science or related field and/or 5 to 7 years related experience.
* Excellent oral and written communication skills.
* Must be self-motivated and able to work both independently and as part of a team.
* CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GREM, GPEN) or similar certification strongly desired.