• Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases.
• Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform analysis of exploits.
• Proactive monitoring and response of known and/or emerging threats.
• Carry out Thrive’s information security strategy both internally and externally for 400+ clients in the northeast.
• Analyze data from our SOC and SIEM and determine if further analysis is needed.
• Work within Thrive’s security standards and best practices and recommend future enhancements.
• Manage our clients’ security awareness training to help their end users be as safe as possible.
• Analyze vulnerability scans and determine remediation steps
• Stay abreast of security events and techniques to keep our clients protected.
• Build awareness through training and education.
  
  

• H
as knowledge of the following systems and technologies:
• SIEM (Security Information and Event Management)
• TCP/IP, computer networking, routing, and switching
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Windows, UNIX, and Linux operating systems o Network protocols and packet analysis tools
• EDR, Anti-virus, and anti-malware
• Content filtering
• Email and web gateway.
• Understanding of cybersecurity threats, and experience with incident response standards and procedures.
• Demonstrates comprehension of good security practices
• Professional experience in a system administration role supporting multiple platforms and applications
• Ability to communicate network security issues to peers and management
  
  

• Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders.
• Computer Networking & Security
• Vulnerability Discovery and Analysis
• Operating System Internals
• Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.).
• Excellent Written and Verbal Communication Skills Preferred Skills:
• Knowledge of common Windows and Linux/Unix system calls and APIs
• Understand Anti-Virus
• Knowledge of programming languages.
• Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.)
  
  

Please refer to job description.