Security Analyst

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Cherokee Federal

WebsiteLinkedInAll Job Openings

5001 - 10000 employees

Founded 1969

🏛️ Government

🔐 Security

🏢 Enterprise

Government • Security • Enterprise

Cherokee Federal is a U. S. federal systems integrator and government contractor that empowers mission success for more than 60 U. S. federal agencies. With a global workforce of over 5,000, it delivers advanced technology (cloud, cybersecurity, data & analytics), health services, intelligence analysis and operational support, logistics and sustainment, mission-critical manufacturing, program and engineering technical services, and dynamic contracting solutions to support federal priorities and national security. Cherokee Federal is part of Cherokee Nation Businesses and focuses on mission-focused, U. S. -made solutions.

📋 Description

• Monitor and analyze security events utilizing Splunk Enterprise Security (ES). • Build, maintain, and tune Splunk searches, correlation rules, alerts, and dashboards. • Conduct incident response activities from detection through containment, eradication, recovery, and closure. • Investigate endpoint security incidents utilizing Microsoft Defender for Endpoint. • Perform endpoint policy management and incident investigations. • Assess AWS cloud security telemetry utilizing GuardDuty, Security Hub, and related cloud security services. • Identify threats, vulnerabilities, suspicious activity, and cloud misconfigurations. • Execute alert triage, incident scoping, and escalation activities according to established playbooks. • Recommend updates and improvements to operational procedures and incident response playbooks. • Support threat hunting activities and detection engineering initiatives aligned to MITRE ATT&CK methodologies. • Perform phishing investigations, alert enrichment, and forensic review activities. • Conduct root cause analysis and document corrective actions following security incidents. • Track incidents and operational tasks utilizing case management systems. • Participate in tabletop exercises and operational readiness activities. • Collaborate with Security Operations teams, Incident Response personnel, and federal stakeholders. • Prepare reports and communicate findings to technical and non-technical audiences. • Perform other job-related duties as assigned.

🎯 Requirements

• Three (3) to five (5) years of experience in cybersecurity operations, SOC analysis, incident response, or related security disciplines. • Demonstrated hands-on experience with Splunk Enterprise Security, including search development, dashboard creation, and correlation rule tuning. • Experience utilizing Microsoft Defender for Endpoint for security investigations and policy management. • Working knowledge of AWS cloud security technologies, including GuardDuty, Security Hub, or equivalent tools. • Proven experience managing incidents through the complete incident response lifecycle. • Working knowledge of MITRE ATT&CK framework and common threat actor tactics, techniques, and procedures. • Familiarity with incident response methodologies and frameworks such as NIST 800-61. • Strong analytical, investigative, and problem-solving capabilities. • Excellent written and verbal communication skills. • Experience supporting federal government customers or highly regulated environments. • Ability to work independently while collaborating effectively with cross-functional teams.

🏖️ Benefits

• Medical • Dental • Vision • 401(k) • Paid Time Off • Life Insurance • Disability Coverage • other benefits as provided.