Cyber Security Analyst
Harrisburg, PA
***Client would prefer candidates local to the Harrisburg, PA Area.***
***This position is fully remote
Client seeks a local Cyber Security Analyst whose strength is in firewalls with minimum 5 years' experience with at least 2 years in a large-scale enterprise Windows environment. This position is fully remote; however, the individual will need to come onsite to The Server Farm at the manager's request.
Job Responsibilities

• Demonstrates good judgement and problem-solving skills. Reacts and adapts to

changing circumstances rapidly. Technically proficient and experienced with
Windows and Unix/Linux operating systems, enterprise class firewalls, network
security, network traffic analysis, incident response, vulnerability analysis,
packet analysis, and systems hardening. Possesses proficient knowledge of layer
2 switching and layer 3 routing protocols, encryption protocols, communication
protocols. Examples include but not limited to: TLS/SSL, IPsec, SSH, PGP, VLAN,
LLDP, LACP, ARP, 802.1x, DNS, AES, etc.

• Assists in deterring, identifying, monitoring, investigating and analyzing

network intrusions. Collects intrusion artifacts, indicators of compromise,
correlates artifacts across systems, and gathers other relevant facts to enable
mitigation of potential incidents within the enterprise.

• Receives and analyzes network alerts from various sources within the

enterprise. Determines the alert trigger, the severity of the alert, and
prioritizes response accordingly. Track and document incidents from
initial detection to final resolution.

• Participates in the containment and neutralization of cyber threats based on

the intelligence and indicators of compromise gathered. Assesses damage to
services, systems, networks, data and other relevant assets. Participates in
the restoration and reconstitution of systems and services. Makes
recommendations to prevent the recurrence of cyber incidents and verifies that
normal operations have resumed.

• Manages, monitors, and analyzes several security technologies to include

defensive and offensive security solutions on the perimeter and internal
networks such as firewalls, intrusion detection/prevention systems (IDS/IPS),
data loss prevention, etc.

• Uses data from Security Information and Event Management (SIEM) and other

logging solutions to conduct analysis, identify cyber trends, disseminate
relevant findings, and recommend suitable security and/or compensating
controls.

• Participates in the design and implementation of security controls. Grants and

revokes access to restricted resources, ensures that end-users are authorized
to access requested resources, and participates in periodic system
audits/cleanup initiatives.

• Assists leadership in planning and implementing cybersecurity infrastructure or

technology related projects, participates in the installation of equipment,
related cabling, and conducts ongoing maintenance/repair of security
infrastructure assets as needed.

• Performs research, evaluates security technologies/services, to drive process

improvements, integrate automation, increase efficiency, strengthen service
delivery, and improve security posture.

• Assists in maintaining an accurate and thorough knowledgebase. Creates and

revises documentation, procedures, flowcharts, diagrams, etc.

• Leverages Commonwealth incident tracking and ticketing systems to receive tasks

from other units, delegate tasks to other units, prioritize daily tasks,
document actions taken, and the final resolution for tasks completed.

• Provides on-call and/or emergency support, including after-hours as needed.

• Adheres to established service management processes and procedures.

• Performs all other related duties as assigned.

Requirements

• Professional cyber-security experience in large-scale Windows environments – 5

years minimum.

• Understanding of current threats and trends in information security.
• Professional oral and written communication skills.
• Excellent soft skills such as listening, presenting, and negotiating.
• Must pass required Pennsylvania State Police background check (cannot have any felony offenses)
• Ability to work remotely.

Desired

• Active cyber-security certification from an accredited organization such as ISC2,

CISA, CompTIA, EC-Council, ISACA, GSEC, etc.
Skills: