Network Security Analyst II

As a Network Security Analyst, you'll move our client, and your career, forward by performing monitoring, investigating and protecting the network security infrastructure, ensuring its performance, reliability, and security. This role is focused on analyzing, optimizing, and enhancing the effectiveness of the organization's network security ecosystem. The analyst will leverage data across security platforms to identify trends, improve policy posture, and drive actionable recommendations. The ideal candidate brings a strong analytical mindset, hands-on experience with security tools, and a proactive approach to improving detection, response, and operational efficiency.

Candidates represented by third party employers cannot be considered.

How You'll Help Move Us Forward

• Analyze data across network security platforms (firewalls, WAF, proxy, SIEM) to identify trends, gaps, and optimization opportunities
• Perform ongoing rule and policy reviews across security controls (e.g., firewall, WAF, proxy) to improve effectiveness and reduce noise
• Develop and refine use cases, alerts, and dashboards in Splunk to enhance visibility and detection capabilities
• Translate security telemetry into actionable insights and recommendations for tuning policies and improving security posture
• Partner with engineering and operations teams to implement data-driven improvements and automation opportunities
• Evaluate alert fidelity and reduce false positives through tuning, correlation, and enrichment strategies
• Support incident investigations by analyzing logs, network traffic, and security events to determine root cause and impact
• Build and maintain reporting that communicates security posture, trends, and key metrics to technical and non-technical stakeholders
• Identify and implement automation opportunities across security workflows to improve efficiency and response times
• Contribute to continuous improvement of security standards, processes, and best practices
• Maintain clear and accurate documentation of analysis, findings, and recommended changes
• Stay current with emerging threats, detection techniques, and security analytics best practices

5+ years of experience in a Cybersecurity / Network Security Analyst role within an enterprise SOC or operations environment Strong hands-on experience with Splunk (or similar SIEM) including query development (SPL), alerting, and dashboard creation Proven experience in threat hunting and detection engineering using network and security telemetry Deep familiarity with Palo Alto firewalls, Zscaler, and Imperva (or similar WAF technologies) Experience performing policy tuning and rule optimization across network security controls Strong understanding of network protocols, traffic analysis, and attack techniques (e.g., lateral movement, C2, exfiltration) Experience with tools such as FireMon, Backbox, RSA, SolarWinds, Wireshark, and ServiceNow Familiarity with MITRE ATT&CK framework and applying it to detection coverage and threat hunting Working knowledge of identity systems (Entra ID / Active Directory) and their integration with security telemetry Scripting or automation experience (Python, PowerShell, or similar) for improving workflows and detections Strong analytical mindset with the ability to turn raw data into actionable security improvements Experience working in distributed or hybrid team environments Excellent communication skills, with the ability to clearly present findings and recommendations to both technical and business stakeholders Relevant certifications such as GSEC, GCIA, GCDA, CCSP, or CISSP preferred

TECHNICAL SKILLS Must Have

• 5+ years of experience in a Cybersecurity / Network Security Analyst role within an enterprise SOC or operations environment

• Deep familiarity with Palo Alto firewalls, Zscaler, and Imperva (or similar WAF technologies)

• Experience performing policy tuning and rule optimization across network security controls

• Experience with tools such as FireMon, Backbox, RSA, SolarWinds, Wireshark, and ServiceNow

• Familiarity with MITRE ATT&CK framework and applying it to detection coverage and threat hunting

• Proven experience in threat hunting and detection engineering using network and security telemetry

• Scripting or automation experience (Python, PowerShell, or similar) for improving workflows and detections

• Strong hands-on experience with Splunk (or similar SIEM) including query development (SPL), alerting, and dashboard creation

• Strong understanding of network protocols, traffic analysis, and attack techniques (e.g., lateral movement, C2, exfiltration)

• Working knowledge of identity systems (Entra ID / Active Directory) and their integration with security telemetry Nice To Have

• Relevant certifications such as GSEC, GCIA, GCDA, CCSP, or CISSP preferred