A recognized health services organization in New Jersey is actively seeking an experienced IT professional to join their staff as its new Senior Cybersecurity Operations Analyst. In this role, the Senior Cybersecurity Operations Analyst will be responsible for advanced-level threat hunting and investigations by utilizing the Security Event and Incident Management (SIEM) system and other cybersecurity tools.
***This is a Hybrid opportunity requiring the qualified professional to work onsite at least 3 days a week.***

Responsibilities:
- Act as the incident coordinator by leading incident response actions for active cybersecurity incidents, including third-party incidents, providing updates to leadership, and follow through until the incident is satisfactorily resolved
- Provide technical and thought leadership within CSOC by teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents and other anomalies regularly
- Conduct in-depth investigations on complex incidents efficiently to neutralize a threat
- Design, implement, and optimize a proactive/predictive Insider Threat Program leveraging statistical analysis and machine learning (UEBA)
- Research and develop new statistical and behavioral detection capabilities for identifying Advanced Persistent Threats (APTs) and in support of the CSOC strategies
- Review current tooling to identify gaps and incremental monitoring opportunities
- Create and maintain standard operating procedures for key functions in CSOC, including step-by-step guides to technologies used by analysts.
- Perform other duties, as needed
Qualifications:
- 8+ years of Cyber Security-related work experience, including 3 years prior experience detecting/responding to Cybersecurity incidents using Splunk or similar SIEM platform
- High School Diploma / GED
- Certified in one or more of the following: SANS GIAC (GCIH, GCIA, GMON, GCED, GCDA, GPEN, etc.), CEH, or similar cybersecurity certification
- Expert-level understanding of IT Security concepts with an emphasis on advanced detections, digital forensics, and incident response
- Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems
- Knowledge in four or more cybersecurity tools covering endpoints, email, network, database, web, data loss prevention (DLP), behavior analytics, cloud, access control, etc.
- Good understanding of AWS Cloud Security controls
- Advance knowledge in Splunk Enterprise Security and Splunk SOAR, with the ability for Splunk/ SOAR detection engineering
- Proficiency with Windows PowerShell or Python scripting language
- Strong verbal and written communication skills
Desired Skills:
- Bachelor's Degree in Computer Science, Information Security, and/or a related technical discipline
- Management-level Security certifications such as CISSP, CISM, or similar
- SPLUNK SIEM and/or Splunk SOAR certification
- Experience in the Healthcare and/or Financial Services industries
