JUNIOR SECURITY ANALYST COVER LETTER TEMPLATE

• Analysis of report data to produce metrics related to security controls
• Use scripts (such as PowerShell or SQL queries) or export utilities to gather relevant data
• Use various software (such as Excel or NotePad++) to sort, filter, format, and compare data to determine software coverage gaps, control compliance, etc.
• Produce lists for recommended remediation (list of systems to be upgraded, software requiring installation, account passwords to be reset, etc.)
• Review of specific control implementation
• Acquire a list of systems detected with a specific EOL software
• Evaluate a list of systems with a configuration vulnerable to a specific threat (given factors such as ports or software version required for exploit)
• Log analysis as part of project research or incident response
• Export and analysis of firewall logs to determine network connectivity issues (given source, destination, port, traffic is blocked, allowed, or not present, etc.)
• Review of security event data through multiple systems (AV, web-filter, email defense, etc.) to identify the source of malicious files or traffic

Skills: Data Analysis, Scripting Automation, Software Auditing, Compliance Review, Remediation Planning, Threat Evaluation, Log Analysis, Firewall Analysis

• Review of blocked traffic or rule usage reports to determine potential tuning recommendations
• Procedure development and validation
• Help formalize and mature procedures by stepping through various processes to test documentation and raise questions
• Build security system configuration documentation
• Gather screenshots, current setting values, firewall object definitions, etc, and compile into a structured document.
• Submit documentation and manage tickets for MSSP-managed upgrades or other standard low-risk changes.
• Communicating with system owners to gather various audit data
• Follow-up on requests (expiring VMS exceptions, overdue remediation tickets, incomplete documentation)
• Respond to questions and requests related to security operations
• Monitor for blocked or allowed traffic, or current firewall rule-sets.
• Research about patch applicability or vulnerability mitigations
• Test addresses/URLs against current rules or vendor reputation
• Basic modifications to allow-lists, firewall rules, or AV exceptions

Skills: Traffic Review, Procedure Development, Documentation Building, Ticket Management, Audit Communication, Security Support, Patch Research, Rule Modification

• Conduct risk assessments for solutions proposed by the business
• Communicate risk findings to stakeholders
• Develop cyber training materials, such as posters and digital communications
• Maintain the cybersecurity awareness training program, including web-based training modules
• Maintain suites of information (e.g., SharePoint) to facilitate access by end-users
• Support the CISO and CIO in the formulation of cyber-related policies
• Monitor events and triage alerts across various security platforms utilized by the client
• Identify and resolve false positive findings reported by information security tools

Skills: Risk Assessment, Risk Communication, Training Development, Awareness Program, Information Management, Policy Support, Alert Triage, False-Positive Handling

• Support the IT support team in identifying and classifying security threats.
• Assist with vulnerability assessments and monitoring systems, networks, for potential breaches.
• Support with vendor or external consultants' risk management, including maintaining third-party questionnaires and collecting responses.
• Perform internal audits within the organization, making sure the security controls are implemented.
• Investigate security alerts and provide incident response.
• Carry out Vulnerability Assessments and communicate the deviations to the IT support team
• Document the incidents from initial detection through final resolution.
• Monitor systems and networks for any unusual, unauthorized, or illegal activity.
• Monitor and respond to 'phishing' email attempts.
• Support the creation of monthly reports for both technical and non-technical staff

Skills: Threat Classification, Vulnerability Monitoring, Vendor Risk, Internal Auditing, Incident Response, Incident Documentation, Network Monitoring, Phishing Response

• Apply documented methodology to ensure consistent management of security controls to deliver maximum value and minimize business impact
• Support the delivery of threat management, technology controls, and incident response
• Develop subject matter expertise and plan/execute project work as it relates to the delivery and operations of cybersecurity controls such as endpoint detection and response, data protection, network security, cloud security, data analytics, etc.
• Develop specialised knowledge and skills with a range of cybersecurity controls and a continuous improvement mindset for fine-tuning the controls to reduce risk exposure and data loss through investigation, testing, implementation, and verification
• Assist in the development and maintenance of information security standards, processes, and guidelines
• Perform the collection and management of information security operations metrics and measures
• Produce high-quality outcomes and timely service delivery
• Effectively collaborate with information security and risk resources
• Perform administration, testing, and remediation (including the support of RCA) of security controls
• Collaborate with business teams to effectively predict, protect, and respond to security threats
• Conduct research and evaluation of new security technologies, processes, and methodologies

Skills: Control Management, Threat Support, Cybersecurity Operations, Control Optimization, Standards Development, Metrics Management, Security Collaboration, Technology Research

• Appropriately escalates alerts and observations to the proper teams for remediation
• Extract and maintain intelligence gathered in the remediation of security incidents to augment the client's detection and proactive response capabilities
• Monitor email and ticketing systems for security-related issues and follow through until resolution
• Stay up to date with adversary tactics, techniques, procedures (TTPs), and IT news
• Maintain security administration processes and checks that all requests for support are dealt with according to agreed procedures.
• Operate or support the operation of tools that contribute to an effective security posture.
• Assistance with the onboarding of any enhancements to the security tools, including deployment and ongoing management, and maintenance.
• Initiate and shepherd swift remediation action to resolve issues.

Skills: Alert Escalation, Incident Intelligence, Ticket Monitoring, Threat Awareness, Security Administration, Tool Operations, Tool Onboarding, Issue Remediation

• Experience in security operations
• Strong understanding of computer networking and software development
• Knowledge of security incident management, malware management, and vulnerability management processes
• Introductory understanding of securing cloud services, container and multi-tier web applications, data lake and relational databases, WAF and virtual firewalls, VPN, and host endpoint protection products.
• Familiarity with NIST and CIS security standards
• Security monitoring experience with one or more SIEM technologies, incident detection and response, and intrusion prevention technologies
• Familiarity with GDRP, PIPEDA, and other regulations
• Ability to be available after hours and participation in on-call rotations
• Information Security professional designations, such as CISSP, CISM, CISA
• Compliance and audit experience (PCI, SOC2, ISO, etc.)
• Knowledge or have working with leading vendor certifications

Qualifications: BS in Cybersecurity with 3 years of Experience

• Experience in the Security domain.
• Knowledge of Microsoft Endpoint Security Products.
• Exposure to patching, supporting, and securing MS server products
• Ability to work with transparency within a small, geographically diverse team
• Exposure to Rapid-7 SEIM and vulnerability management tools, including Splunk, Symantec Email Security, AWS, and Azure Cloud environments and security techniques.
• Ability to work under pressure in an incident scenario
• Ability to incident investigation assistance
• Flexibility of work hours to support incidents and communications across a geographically distributed environment and team
• Ability to clearly articulate the technical to a non-technical audience
• Knowledge of McAfee Endpoint Security products
• Exposure to Operational Technologies in a manufacturing environment.

Qualifications: BS in Computer Science with 2 years of Experience

• Basic knowledge of vulnerability management
• Knowledge of security awareness platforms
• Knowledge of LogRhythm or other SIEM platforms
• Knowledge of O365 and Azure AD, Single Sign-On (SAML), and Next-Generation Firewalls
• Knowledge of Endpoint Detection and Response (EDR) platforms
• Detailed understanding of networking concepts
• Experience in information security
• Strong time management skills
• Basic Microsoft Office skills, such as Excel, Word

Qualifications: BS in Information Technology with 1 year of Experience

• Previous experience in cybersecurity
• Ability to engage and ready to explore new tasks
• Good verbal, written, and interpersonal communication skills
• Knowledge and understanding of IT risk assessment of potential and current information security risks
• Experience with cloud microservice architectures, configuration, operation, and maintenance
• Experience working in healthcare or related industries
• Familiarity with developing within an agile scrum planning methodology
• Strong customer-centric mindset
• Basic understanding of Structured Query Language (SQL)
• Knowledge of Linux (Debian-based) operating systems, Windows operating systems, Networks, and networking, Web protocols

Qualifications: BS in Network Engineering with 3 years of Experience

• Work experience in Information Technology or Customer IT Technical support industries
• Conceptual knowledge of fundamental theories, principles, and practices
• Basic knowledge or understanding of some information security technologies, including Firewalls, IDS/IPS, DLP, End Point Security, Data Encryption, Network Access Control, Web/Email filtering, Penetration Testing, Forensic Investigation, and Security Incident and Event Management
• Good communication skills (verbal and written), i.e., ability to communicate with technical and non-technical audiences at various levels
• Willingness to work in extended hours, during MI or P1 security incidents
• Ability to work in a shifting schedule for 24x7 security coverage
• Ability to handle pressure or stress
• Experience/Understanding of cloud environments and the associated security
• ICT Security qualifications or working towards qualifications such as GSEC, GCIA, or CompTIA Security+

Qualifications: BS in Information Systems with 1 year of Experience

• Previous helpdesk experience
• Exposure to networking and security support
• Exposure to servers and systems support
• Exposure to Active Directory and ID management systems
• Ability to participate in security operations
• Strong analytical skills
• Fluency in English with strong communication skills
• Broad understanding of IT systems
• Experience/Understanding of Web and Network vulnerabilities

Qualifications: BS in Software Engineering with 2 years of Experience