Description

**Job Summary:**

As a Security Analyst at InterSources, you will be responsible for monitoring, analyzing, and responding to security events and incidents. You will work with industry-leading security tools, including Microsoft Sentinel and CrowdStrike, to ensure the integrity, confidentiality, and availability of our clients' information systems. The ideal candidate will possess a deep understanding of log formats and have the capability to develop and implement analysis rules to detect and mitigate potential security threats.

**Key Responsibilities:**

1. **Security Monitoring and Incident Response:**
   - Monitor security alerts and events from various security tools (Microsoft Sentinel, CrowdStrike, etc.).
   - Analyze and investigate security incidents to determine the root cause, impact, and resolution.
   - Respond to security incidents, including containment, eradication, and recovery.

2. **Log Analysis and Rule Writing:**
   - Collect and analyze logs from various sources, including network devices, operating systems, applications, and security tools.
   - Develop and implement analysis rules and correlation searches to detect suspicious activities and potential security threats.
   - Maintain and update existing rules and alerts to enhance detection capabilities.

3. **Threat Intelligence and Vulnerability Management:**
   - Utilize threat intelligence sources to stay updated on the latest threats and vulnerabilities.
   - Conduct vulnerability assessments and recommend mitigation strategies to clients.
   - Collaborate with clients to address identified vulnerabilities and improve their security posture.

4. **Reporting and Documentation:**
   - Prepare detailed incident reports and post-incident analyses to document findings and recommendations.
   - Maintain accurate records of security events, incidents, and actions taken.
   - Provide regular reports and updates to the Security Operations Manager and clients.

5. **Collaboration and Communication:**
   - Work closely with other members of the security team, IT staff, and clients to ensure effective security operations.
   - Communicate complex security issues and recommendations to non-technical stakeholders.

**Qualifications:**

- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 3 years of experience in a security analyst role or similar position.
- Proficiency in using security tools such as Microsoft Sentinel and CrowdStrike.
- In-depth knowledge of log formats (e.g., syslog, Windows Event Logs, application logs) and log analysis techniques.
- Experience in writing and tuning analysis rules, correlation searches, and alerts.
- Strong understanding of cybersecurity principles, threat landscape, and best practices.
- Familiarity with threat intelligence and vulnerability management processes.
- Excellent analytical, problem-solving, and communication skills.
- Relevant certifications (e.g., CISSP, CEH, GCIH) are a plus.

**Preferred Skills:**

- Experience with other security tools and platforms (e.g., Splunk, ArcSight, QRadar).
- Knowledge of scripting languages (e.g., Python, PowerShell) for automation and data analysis.
- Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA).

**Education:**

- Bachelor's Degree