Security Analyst

Overview:

About Xerox Holdings Corporation For more than 100 years, Xerox has continually redefined the workplace experience. XIT Staffing, a division of Xerox dedicated to staffing solutions, is committed to collaborating closely with our internal clients to fulfill their staffing needs.

Our client, Virginia's largest institution of higher education, is in need of a Security Analyst to monitor and protect sensitive data and systems from cyber threats by identifying vulnerabilities, assessing risks, implementing security measures, and monitoring networks for malicious activity.

Responsibilities:

• Serving as the Initial Escalation Point for all Investigations/Incidents Requiring Remediation and/or Coordination
• Continuous Monitoring of the Alert Queue
• Responding to Security Incidents with Strict Adherence to Codified Triage Process and Procedures
• Performing Basic Event Correlation and Validation Activities
• Performing Identification of Effected Systems, Networks and Data
• Engaging with Network Operations to Refine Contextual Understanding of Incidents as Appropriate
• Escalating Incidents In Accordance with Established Policies and Procedures
• Monitoring and Enforcing all Response SLAs
• Identifying and Documenting Any Security Risk Associated with Security Operations/Engineering
• Documenting Recommendations for Automation and Innovation
• Initial Analysis of Security Events, Network Traffic, and Logs.
• Monitoring Security Sensor Activity and Associated Logs to Identify Anomalies and Intrusions
• Network Incident First Responder for Reviewing and Verifying System Alerts/Events/Messages/Status/Availability
• Identifying Issues with Incident Response Plans, Worflows, SOPs, KBAs, etc.
• Creation of Shift Turnover Documentation and Products
• Serving as Entry Point to Security Operations; Log all Requests, RFIs, Calls, etc and Work Through to Customer Satisfaction. Add to Turnover as Required.
• Creating Reports/Briefs/AARs/etc as Required
• Joining all IT Operations Generated Bridge Calls
• Thinking Critically and Creatively While Analyzing Security Events, Network Traffic, Events and Logs.
• Incident Response Coordination: Work with Affected Customers to Gather Incident Information, Assess Mission Impact.
• Countermeasure Implementation: In support of IR Actions, Create Options for Isolate and Block Threat Actor Presence.
• Daily Standup Meeting with SecOps
• Creating and updating Incident, Request, and Work Orders daily
• Performs Final Quality Assurance Checks and Closes Tickets with High Degree of Scrutiny
• Responsible for Daily Block list peer review tasks

Qualifications:

• Bachelor's degree or 7 years of hands-on security work experience
• 5 years’ related experience in security operations
• 2 years of experience with Splunk SIEM application

• 7 years related experience in security operations
• 3 years of experience with Splunk SIEM application
• Security+ Certification