Senior Security Analyst/Engineer

Full Time
United States
Job description
Overview:
Exclusively focused on the Government, Kearney & Company provides financial services, including auditing, consulting, and technology services. Our commitment to our employees and clients, as well as to dedication and trust, critical values to our Firm, has led to Kearney’s recognition as one of the leading accounting firms in the country. Based on our employees’ feedback, we are also consistently rated a Best Place to Work. Employment at Kearney means a flexible, collaborative, and open-minded work environment. We hope it is your “first easy decision.” Learn more at www.kearneyco.com/careers.

COVID Policy: Prospective and/or new Kearney team members will be required to comply with any Federal, State, or local guidance related to COVID-19. Although Kearney’s company policy does not mandate vaccinations at this time, Kearney will follow all guidance, which is subject to change. Client site requirements, if different or stricter, will take precedence over Kearney policy. Vaccination status may be requested prior to first day of employment. Prospective or new team members may seek a religious or medical exemption to any current guidance applicable to Kearney that mandates vaccination during the Onboarding process. Additional questions may be directed to a member of Human Resources at 703-931-5600.
Responsibilities:

Kearney & Company is looking for a Senior Security Analyst to join a dedicated Security Operations team responsible for monitoring, managing, operating, deploying, and continuously improving cybersecurity controls and associated technology solutions in client environments. As part of the SOC team, you will work with cross-functional teams that may include IT teams, operational staff, external vendors, third parties, and business partners to identify and address issues. Kearney & Company encourages all employees to learn and grow as professionals at a very aggressive pace. The ideal candidate has a passion for information security, excellent analytical and communication skills, a strong foundation in information security concepts, and a solid understanding of networking and systems technologies.


The Senior Security Analyst is responsible for:
  • Initial triage of security events using established procedures, tools and monitoring platforms including, but not limited to:
    • Firewalls and network devices
    • Servers and workstations
    • Web proxies
    • Intrusion detection and prevention systems (IDS/IPS)
    • Anti-malware systems
    • Security Incident and Event Management systems (SIEM)
    • Data Loss Prevention systems (DLP)
    • Advanced Endpoint Detection and Response systems (EDR)
  • External communications from outside entities, users, phone calls, emails
  • Supervise and manage mid and junior staff
  • Conduct research on new threats and recommend implementation of preventive measures
  • Develop security policies and procedures
  • Install and maintain security software and hardware
  • Monitor computer networks for unauthorized access or use of network resources
  • Perform risk assessments of current security measures to identify potential vulnerabilities
  • Perform threat hunting activities
  • Assist senior members of the SOC with analyzing and responding to potential security incidents
  • Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities, malware, and other threats that have the potential to impact our clients
  • Document threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs)
  • Manage the Security monitoring tools, set up dashboards and alerts
  • Expected to stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies
  • Conduct security research and intelligence gathering on emerging threats and exploits
  • Participate on shift-transition calls to ensure all open cases and tasks are properly managed and addressed
  • Periodic reporting of metrics and corresponding analysis for client review and strategic information security program adjustments and planning
  • Maintenance and management of various security technology platforms
Qualifications:
  • Highly motivated to work in information security
  • Bachelor’s degree in Information Technology or related field
  • 7+ years of experience
  • Any of the following certifications: CEH, Security+, OSCP, CISSP, CISM, GSOC, GCFA
  • Candidate must be a US citizen and able to obtain agency suitability
  • Customer oriented & professional
  • Strong verbal and written communication skills
  • Ability to understand and correlate data from multiple sources, not limited to user authentication events, Windows security event logs, syslog, NetFlow/PCAP data, DHCP logs, DNS logs, intrusion detection alerts, proxy logs, packet captures, and firewall events.
  • Knowledge of various security methodologies and processes, and technical security solutions a plus
  • Understanding of how Windows, Linux and network platforms are compromised a plus
  • Experience with any of the following is a plus
    • Elasticsearch
    • Palo Alto Cortex XSOAR
    • Confluent
    • Apache Kafka
    • Microsoft Defender for Endpoint (MDE)
    • Kusto Query Language (KQL)
  • Regular expression creation experience to support dynamic security event analysis.
  • Solid understanding of IP networking fundamentals, including IPv4, TCP/IP, LAN/WAN design theory, static and dynamic routing protocols, NAT, ACLs, etc.
  • Solid understanding of TCP/IP, the OSI model, and underlying protocols.
  • Scripting language skills in Python or PowerShell are a plus
  • Understanding of cyber forensics concepts including malware, hunt, etc.
  • Understanding how to interpret vulnerability and penetration scan results
  • Configuration and knowledge of design and implementation concepts of firewall, VPN, IPS, vulnerability management platforms, and other security technologies is desirable
  • Competency with Microsoft Operating Systems, including server and workstation and AD engineering and administration capabilities, is desirable
The expected salary range for this position is between $100,000 and $150,000. This range is representative of base pay only and does not include straight time pay for hours worked over 40 per week, company contributions towards paid benefits, and/or bonuses. Actual compensation (meeting or exceeding the range) will be determined based on specific experience, education, work location, clearance level, and other factors permitted by law. This position is eligible for bonuses (when applicable).

We also offer a competitive benefits package that includes:
  • Medical, Dental, Vision, Life, AD&D, and Disability Insurance
  • 401(k) Retirement Plan and 529 Education Savings Plan
  • Flexible Spending & Health Savings Account
  • Accident, Critical Illness, Hospital Indemnity Insurances
  • Legal Insurance and Pet Insurance
  • Employee Assistance Program, fitness and wellness benefits, and other firm benefits.
  • Paid holidays, vacation, and sick time

KCO1701
EEO Notice:
Applicants have rights under Federal Employment Laws

Work location is subject to change based on client requirements.

Kearney & Company is an Equal Opportunity Employer and will consider all qualified applicants without regard to race, color, creed, genetic information, religion, national origin, ethnicity, gender, gender identity, sexual orientation, pregnancy, childbirth or related medical condition, age, disability or handicap, servicemember status, relationship or association with a protected veteran, and any other category protected by Federal, state, or local law.

If you would like to request a reasonable accommodation regarding accessibility of our website, or a modification or adjustment of the job application or interview process due to a disability, please call 703-236-2391 or email accommodations@kearneyco.com. Please be advised that this contact information is for accommodation requests only and cannot be used to inquire about the status of an application.

Family and Medical Leave Act (FMLA)

FMLA is designed to help employees balance their work and family responsibilities by allowing them to take reasonable unpaid leave for certain family and medical reasons. Kearney & Company provides eligible employees with up to 12 weeks of unpaid, job-protected leave per year. Military family leave is available for up to 26 weeks under FMLA.

Employee Polygraph Protection Act (EPPA)

The EPPA prohibits most private employers from using lie detector tests either for pre-employment screening or during the course of employment. Kearney & Company adheres to all provisions of the EPPA.
