Contractor Cyber Security Analyst

Position Overview: As a SOC Analyst at Pharmbills, you will play a critical role in safeguarding our clients’ IT infrastructure by monitoring, analyzing, and responding to security threats. You will work as part of a collaborative team to identify, investigate, and contain cyberattacks in real-time.

Duties and Responsibilities:

• Monitor and analyze security events using Security Information and Event Management (SIEM) tools.
• Investigate security incidents, identify root causes, and determine appropriate containment and remediation actions.
• Analyze network traffic for suspicious activity and potential vulnerabilities.
• Maintain knowledge of the latest cyber threats and vulnerabilities.
• Escalate high-priority incidents to senior security analysts or incident response teams.
• Document security incidents and findings for future reference and reporting purposes.
• Assist with the ongoing improvement of security processes and procedures.
• Collaborate with internal teams and external vendors to ensure effective incident response.

Skills and Abilities:

• Experience in active incident response and investigation.
• Proficiency in investigating incidents in cloud environments, especially Azure & GCP.
• Basic experience in investigating endpoint-based incidents using tools like SEIM, EDR, and evidence parser tools such as Kape and Velociraptor.
• Relevant certifications such as Security+, CompTIA CySA+, or GIAC Security Essentials (GSEC).
• Experience with scripting languages (e.g., Python, PowerShell).
• Knowledge of the incident response playbook and the ability to follow the NIST incident response framework.
• Understanding of the Mitre ATT&CK framework and the ability to think from the perspective of a threat actor.
• Knowledge of network security concepts (e.g., firewalls, intrusion detection/prevention systems).
• A passion for learning and staying updated on the latest cyber threats.

Education and Experience:

• Minimum 1-2 years of experience in a security analyst role or related field.
• Strong understanding of cybersecurity principles and best practices (e.g., SIEM, firewalls, intrusion detection systems).
• Experience working with security monitoring and incident response tools.
• Excellent analytical and problem-solving skills.
• Ability to work independently and as part of a team in a fast-paced environment.
• Excellent written and verbal communication skills.

Physical Demands: Regular sitting, utilizing office equipment such as phones, computer keyboard, mouse, cabinets, and desks. Employee might also need to practice range of motion to stand to file or retrieve documents in filing cabinet.

Benefits:

• International exposure and collaboration with the US team and customers.
• Experience with a fast-growing and stable company.
• Opportunity to engage in a remote environment with a friendly team of professionals.
• Flexible engagement according to the New York time zone.