Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.
CSIRT Analyst
Arlington, VA
**This opportunity is contingent upon award**
Job Title
CSIRT Analyst
Position Overview
The CSIRT Analyst and cybersecurity practitioner is responsible for managing and responding to security incidents with precision and urgency. The ideal analyst will be proficient in identifying the sources of security incidents, determining their scope, and assessing their impact, utilizing an in-depth knowledge of the incident response lifecycle and common cyber threats. The CSIRT Analyst is expected to demonstrate initiative and a proactive approach to cybersecurity, communicate effectively, manage time well, and have a strong commitment to team collaboration and group efforts. The CSIRT Analyst must be on-site four days per week during the initial transition period, with flexibility depending on team needs thereafter.
Work Location
Arlington, VA
Job Responsibilities and/or Success Factors
- Maintain system cybersecurity monitoring operations.
- Analyze, report, and respond to detected cyber incidents.
- Apply advanced skills in ServiceNow, SentinelOne, Splunk, Trellix, Google Admin, and other leading security tools to design, protect, and enhance enterprise systems.
- Monitor security tools, systems, and logs for signs of suspicious or malicious activity.
- Utilize intrusion detection systems (IDS), intrusion prevention systems (IPS), and Security Information and Event Management (SIEM) tools to identify potential threats.
- Stay informed on the latest cyber threats and vulnerabilities to recognize new attack vectors.
- Analyze security incidents to understand their impact and scope.
- Lead or assist in the investigation of security breaches, including identifying the root cause and the extent of damage.
- Develop and execute response plans, including containment, eradication, and recovery from incidents.
- Coordinate with other IT teams to remediate vulnerabilities and restore affected systems.
- Conduct forensic analysis of compromised systems to gather evidence, understand attack methodologies, and determine the source of breaches.
- Maintain detailed documentation of findings and ensure proper chain of custody for legal and compliance purposes.
- Prepare detailed reports on incidents, including timelines, technical findings, and recommended remediation actions.
- Document lessons learned from incidents to improve future incident response efforts.
- Develop and maintain incident response playbooks and procedures.
- Gather and analyze threat intelligence to understand the tactics, techniques, and procedures (TTPs) used by attackers.
- Conduct threat hunting activities to proactively identify and mitigate potential threats before they result in incidents.
- Work closely with other cybersecurity professionals, IT staff, and management to coordinate incident response efforts.
- Communicate incident status and technical information to non-technical stakeholders.
- Participate in post-incident reviews and help develop strategies to prevent future incidents.
Education and Minimum Qualifications
- Must be a US Citizen
- Bachelor’s degree from an accredited university
- 3 years of relevant experience
- Prior experience with CISA and as a Tier 2 CSIRT analyst is highly desirable
AAP Statement
We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.