Offered a Security Analyst position / First time contract employee
Mooseboost
Member Posts: 778 ■■■■□□□□□□
So, I interviewed for a position with Cisco and they have made me an offer. Was curious if anyone else had worked in a similar position before and had some insight into what the role is really like. I've spent the majority of my security career managing firewalls and have never really had the opportunity to do any analyst work. That aside, I have also never been a contract employee. The contract position does pay more (about 6K more) but I would be leaving a full-time position with a reliable company. Not that Cisco is not reliable, but I am more worried about the position being contracted and working for Cisco through another company. From what I know, they have the contract with Cisco for 3 years. Thoughts?
Here is the job:
Description:
Security Analyst Duties
• Align security alert review and analysis to prescribed Managed Security Services Operations Playbook
• Conduct introductory analysis into security breaches at customer sites using high-fidelity alerts and tools within Customer environment, Cisco, and online.
• Review alerts generated by:
• security detection tools
• correlate with device logs
• and other forms of available telemetry
• Interpret the above data in the security analysis process
• Maintain up-to-date information in alert handling tools
• Where Customer SLA governs timing, the Analyst must work within the timing bounds to acknowledge and resolve alerts
• Vigilantly protect Customer data confidentiality and integrity, ensuring proper handling and protection electronically, physically, and verbally
• Work in assigned shift and ensure shift is covered personally.
• Document best practices with the SOC staff using available collaboration tools and workspaces
Desired Technical Skills and Qualifications
• Working knowledge of the Windows operating systems
• Working knowledge of Linux / UNIX operating systems
• Experience with Snort or other open source intrusion detection tools
• Working knowledge of Next-Generation Intrusion Prevention System
• Detailed understanding of the TCP/IP networking stack
• Working knowledge of NetFlow technology
• Working knowledge of Full-Packet Capture technologies
• Understanding of the typical client-side and server-side attack chain at the Network and Endpoint level
• Understanding of modern malware threats
• Understanding of the common Network Security technologies and products in the Campus, Data Center and Internet Edge.
Desired Experience and Certifications
• BS in a technical field (Computer Science / Computer Security / Cybersecurity / Computer Networking preferred) or equivalent
• 2+ years of professional experience in the IT security industry
• can substitute with own research, formal cybersecurity education and university studies
• SOC operations environment experience
• Sourcefire Certified Professional (SFCP) is a plus
• CCNA Security certification is a plus
• GCIA or GCIH certification is a plus
• Wireshark Certified Network Analyst certification a plus
• CompTIA Linux+ and Security+ certifications a plus
Additional Skills
• Self-discipline to work according to playbook and time requirements
• Passion for cybersecurity and staying up-to-date with current threats, tools and techniques
• Can-do attitude, thinking outside of the box
• Willingness to learn new security technologies, products and incident analysis and response approaches
• Strong collaborative skills and openness to work in a diverse multinational team of security professionals
Comments
Danielm7
Member Posts: 2,310 ■■■■■■■■□□
Touching on just the contracting part. Depending on what you are currently making, a 6K bump to go contractor is likely going to be a pay decrease for you once you factor in tax changes (depends on if you're a 1099 or W2 to the contracting company), vacation, 401K, healthcare, etc.
Is analysis vs infrastructure a change you've been looking to make?
Mooseboost
Member Posts: 778 ■■■■□□□□□□
The contract is W2 to the contracting company. If I understand correctly, my benefits are through them.
Realistically my goal is to move further into security or further into infrastructure (more network admin / system admin) - right now my position is mostly about troubleshooting various issues for small businesses who use our product as their everything (UTM, wireless, etc.) and the majority of my day is wireless issues or people complaining about their internet speeds. In other words, I feel like I am back at the ISP help desk.
Mooseboost
Member Posts: 778 ■■■■□□□□□□
After reviewing the benefits from the contracting company I am not so sure now. Right now my company pays for most of medical, I only pay $9 biweekly... With the contract company, insurance is $103 a week. This pretty much kills the bump in pay.
JoJoCal19
Mod Posts: 2,835 Mod
It all depends on your situation. If you have a family to take care of then that may not be such a great idea. But based on what you stated you want to do (get into security) vs what you currently listed you do, then it seems like a great opportunity to break into security, especially if you can put Cisco on your resume. I would take that info to the contracting company and negotiate either a higher pay raise or lower healthcare costs.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
Mooseboost
Member Posts: 778 ■■■■□□□□□□
Yeah, I emailed them back this morning to see if I could negotiate anything with them.
My spouse may also be able to add me to theirs. They have to check with their HR if a job change is a qualifying event to change their plan. Unfortunately I do have some medical conditions that make health care critical to me and being able to afford medicine.
TechGromit
Member Posts: 2,156 ■■■■■■■■■□
Mooseboost wrote: » After reviewing the benefits from the contracting company I am not so sure now. Right now my company pays for most of medical, I only pay $9 biweekly... With the contract company, insurance is $103 a week. This pretty much kills the bump in pay.
Also take a close look at coverage. When I worked for Teksystems, the medical benefits they were offering would have cost me $600 a month and only covered 30% of what the doctor/hospital charged with a 25k a year out of pocket expenses. In other words, complete crap. I opted to stick with my COBRA benefits; while it was $1,200 a month, it was good coverage.
Still searching for the corner in a round room.
DatabaseHead
Member Posts: 2,754 ■■■■■■■■■■
First of all, good luck to the OP, sounds like an exciting opportunity.
I had something similar but chickened out at the last minute, I really like 22 days of paid vacation, but... basically gave up on 27% increase. Anyway enough about me, like Tech mentioned make sure you check those premiums. If your wife's insurance is solid and you can get on with her, sounds like a win.
Mooseboost
Member Posts: 778 ■■■■□□□□□□
So... as it turns out, me losing my benefits for any reason (including job change) qualifies my spouse's insurance to be changed outside of the enrollment period. The contract company's coverage is rubbish to be honest so it did have me worried. But, I can get added onto the insurance and even the best plan comes out cheaper for us both than my individual plan would be from the contract company. I suppose I did freak out a bit and didn't look at other options. So in the end, all is well.
This job is good for my career. From what I hear red badges are not the glory of Cisco, but having Cisco on my resume and getting real security experience puts me on the path to where I ultimately want to end up. Not to mention there is some chance of moving to a blue badge eventually or getting to cross into another position.
DatabaseHead
Member Posts: 2,754 ■■■■■■■■■■
Just curious how old you are, I'm 41 (I find myself not quite the risk taker as I used to be)
Anyway I agree sounds like a major win and a great resume and skill builder. Awesome work.
Mooseboost
Member Posts: 778 ■■■■□□□□□□
My last day at my old job was Friday. Now I have a couple of weeks off before I start at Cisco. Looking back, I am glad I decided to go with Cisco. I have always wanted to work there, even if it is contracted.
@DatabaseHead - I'm 25.
TechGromit
Member Posts: 2,156 ■■■■■■■■■□
Mooseboost wrote: » Now I have a couple of weeks off before I start at Cisco.
Why the 2 week gap between jobs? Taking a vacation or something? Personally I would have scheduled things so I'm finished with the one job on a Friday and start the new job on a Monday.
Still searching for the corner in a round room.
Mooseboost
Member Posts: 778 ■■■■□□□□□□
TechGromit wrote: » Why the 2 week gap between jobs? Taking a vacation or something? Personally I would have scheduled things so I'm finished with the one job on a Friday and start the new job on a Monday.
Yup - taking a vacation. Outside of a family medical emergency, I have not really used vacation time in the last years. I wanted some time off to relax and enjoy things a bit before I started.