Security Monitoring Analyst

Plano, Texas | Yarmouth, Maine

0-5%

• Contribute to the development and improvement of SecMon, IR, and CTI and processes and tools.This will involve staying abreast of the latest security technologies and trends and recommending improvements to existing security infrastructure. Proactive Threat Monitoring: Monitor network traffic, system logs, and security alerts to identify potential threats and anomalies. This will involve utilizing various security information and event management (SIEM) tools, intrusion detection systems (IDS), and other security monitoring technologies.
• Develop and refine detection rules and signatures to improve the efficiency and effectiveness of threat detection systems. This will involve staying abreast of the latest threat intelligence and attack techniques.
• Analyze security events to verify and assess the initial scope, impact, and root cause of security alerts. This will require in-depth knowledge of network protocols, operating systems, and common attack vectors.
• Identify processes that can be automated and orchestrated to ensure maximum efficiency of operational resources, reducing manual repetitive tasks where possible.
• Exhibit hands-on experience with security monitoring and incident response tools and technologies, including SIEM platforms, intrusion detection systems, and endpoint detection and response (EDR) solutions.

• BA/BS in Engineering, Computer Science, Information Security, or Information Systems, related work experience, or proven, demonstrable experience or skills in cybersecurity via Capture the Flag competitions or games, hacking platforms, or home Labs.
• Typically requires 3-5+ years' of hands-on experience in a similar security role.
• Excellent investigative skills with the ability to think like an adversary.
• Strong problem-solving and troubleshooting skills.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Self-motivated and possessing a high sense of urgency and personal integrity.
• High ethical standards and values.
• Able to define and refine operational procedures, workflows, and processes to support the team in consistently executing monitoring and detection with quality.
• Good understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including but not limited to MITRE ATT&CK, OWASP, ISO2700x series, PCI DSS, and NIST standards.
• Strong communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
• Demonstrate proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automating security tasks and analyzing data.
• Possess a working knowledge of network infrastructure and communication protocols, including TCP/IP, DNS, and HTTP.
• Experience working with cloud security platforms (e.g., AWS, Azure, GCP) would be highly desired.
• Relevant cybersecurity certifications (e.g., Security+, GSEC, CEH) are valued.
• Knowledge of threat intelligence platforms and techniques is beneficial.
• May be required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.

Come join us as we transform the public sector! Our mission, vision, and values guide everything we do. We're also frequently recognized as a great workplace locally and nationally. See our many awards and accolades.

Tyler is subject to regulations, guidelines, and/or client requirements relating to the qualifications of Tyler personnel performing certain client work. Because of the nature of this position, it is a requirement that the candidate can successfully pass a federal background check at the time an offer is extended and over the course of employment with Tyler.