Overview:
Alliant Cybersecurity is seeking a Security Analyst – Tier 1, based in Houston, TX, to support its Security Operations Center in India. The Security Analyst – Tier 1 will be responsible for day-to-day Tier 1 security monitoring of both the corporate and customer networks. This individual will review, escalate, or receive escalated security alerts from other SOC staff or customers, perform the triage analysis needed to determine whether an alert is a false positive, and decide whether the related event(s) represent a security incident. This individual may also participate in monitoring directly associated with incident response efforts, should have experience creating SIEM dashboards and other data analytics and identifying data sources that strengthen SIEM reports, will be responsible for writing new signatures for a variety of security instrumentation, and will serve as a mentor to peer analysts when applicable.

Qualifications:
· Knowledge of security monitoring technologies and core security principles
· Direct experience with any SIEM or log aggregation system
· Ability to review captured network traffic and compare it against the contents of a security alert to verify the nature of the detection
· Experience and familiarity with IT management products and services
· Experience analyzing Firewall, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP data for security-related concerns and events
· Skilled at using multiple operating systems
· Scripting skills in any common language (Python, Perl, Bash or PowerShell) are a plus
· Ability to suggest technical solutions to complicated problems

Education:
Degree in Computer Science, Engineering, or a related technical discipline. Priority given to the most qualified candidates. Relevant security certifications (CISSP, CISM, CISA, CEH, CCNA, etc.) are a plus.

Responsibilities:
· Operational security monitoring, including: reviewing security alerts, conducting triage analysis of related security events, making true/false positive decisions, making escalation decisions (to senior analysts or to the Incident Response process), and making initial severity determinations
· Managing and administering a SIEM, and developing reports and other capabilities to support the needs of our clients
· Identifying data sources and analytics for inclusion in the SIEM
· Conducting trend analysis of security alerts and events to identify patterns indicative of new unauthorized activity
· Developing new signatures and correlation searches based on a variety of requirements
· Identifying log and event sources, including Active Directory event logs, routers, switches, firewalls, PCAP/flow data, DNS, audit and authentication logs, VPN, IDS, and other sensor tools and technologies
· Making recommendations on new threat feeds and tools to help evolve automated threat detection capabilities and to aid computer forensic and historical investigations
· Providing Cybersecurity and Threat Analyst services to support active information security incidents and events surfaced by the Logging and Event Management solution
· Evaluating communication security, data vulnerability, business continuity and compliance risks, along with vulnerabilities/weaknesses in systems
· Examining a client's compliance with security controls and identifying deficiencies, reviewing security policy, processes and procedures for completeness, and ensuring that controls are adequate to protect sensitive information systems