Network Security Analyst (SIEM / Cloud / CCSP)

Trigyn's direct government client in Austin, Texas has a requirement for a Network Security Analyst (Hybrid). The particulars of the opportunity are below:

Description:

The client is seeking a highly motivated and talented individual to join cybersecurity team as a Network Security Analyst. The Network Security Analyst is responsible for proactively identifying, investigating, and disrupting advanced cyber threats that evade traditional security controls. The role focuses on hypothesis-driven analysis, adversary behavior detection, and continuous improvement of threat detection capabilities.

Key Responsibilities

• Proactively conduct threat hunting activities to identify malicious activity, advanced persistent threats, and indicators of compromise not detected by automated tools
• Develop and execute hypothesis-driven hunts based on threat intelligence, adversary tactics, techniques, and procedures (TTPs), and organizational risk profiles
• Analyze endpoint, network, identity, and cloud telemetry to detect anomalous or suspicious behavior
• Investigate and validate potential security incidents, determine root cause, and assess scope and impact
• Collaborate with incident response, SOC, and detection engineering teams to support containment, eradication, and recovery activities
• Translate threat hunting findings into actionable detection logic, alerts, and analytics to improve security monitoring
• Document hunting methodologies, findings, and recommendations in formal reports and knowledge repositories
• Contribute to the development and tuning of security use cases, queries, and detection rules across SIEM, EDR, NDR, and cloud security platforms
• Leverage threat intelligence sources to track emerging threats, attacker tools, and campaigns relevant to the organization
• Support purple team activities, tabletop exercises, and continuous adversary simulation efforts
• Maintain awareness of evolving attacker techniques and emerging cybersecurity threats
  
  

The above job description and requirements are general in nature and may be subject to change based on the specific needs and requirements of the organization and project.

Mandatory Qualifications:

• Strong understanding of attacker tactics, techniques, and procedures.
• Experience analyzing logs and telemetry from SIEM, EDR/XDR, network security, identity platforms, and cloud environments.
• Proficiency in query languages and scripting used for threat hunting.
• Solid knowledge of Windows, Linux, and cloud operating systems, including common attack vectors and persistence mechanisms.
• Proven expertise in security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
• Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats and designing solutions to mitigate those threats.
• Knowledge and experience working with relevant National Institute of Standards and Technology (NIST) standards.
• Familiarity with threat intelligence sources, malware analysis concepts, and digital forensics fundamentals.
• Experience documenting investigations, creating hunt reports, and communicating technical findings to diverse audiences.
• Strong analytical, problem-solving, and critical-thinking skills.
• Ability to work independently while collaborating effectively within cross-functional cybersecurity teams.
• Ability to resolve complex security issues in diverse and decentralized environments; to learn, communicate, and teach new information and security technologies; and to communicate effectively.
• Conduct forensic investigations on cyberattacks to determine how they occurred and how they can be prevented in the future.
• Experience creating/reviewing/updating security policies and standards for the public/private/hybrid cloud contexts.
• GSEC, CEH, CISA, CCSP Preferred.
• Certification as an AWS Solutions Architect, Cloud Security Certification, and/or OpenStack Administrator Certification a plus. (Other cloud-related certification also a plus.)
• Experience with Endpoint Detection and Response (i.e. EndGame, Crowdstrike, CyberReason). Detect and respond to alerts from end point detection response tools.
• Experience with Email Threat Management (i.e. Proofpoint, MimeCast, Microsoft).
• Experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, SumoLogic).
• Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope).
• Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, ZScaler).
  
  

For Immediate Response call , or send your resume to

TRIGYN TECHNOLOGIES, INC. is an EQUAL OPPORTUNITY EMPLOYER and has been in business for 35 years. TRIGYN is an ISO 9001:2015, ISO 27001:2013 (ISMS),ISO 20000:2018 and CMMI Level 5 certified company.