Published: September 14, 2023
Cyber Security Analyst
*Multiple Positions Open Across 1st, 2nd & 3rd Shift*
4 days per week, 10 hours per day (Sunday – Wednesday or Wednesday – Saturday)
As a Security Operations Center (SOC) Analyst you will identify and track potential security incidents across the enterprise. The Analyst monitors and responds to security event alerts by performing log analysis investigations.
- Use an industry-leading SIEM in a shift environment to provide 24/7 Threat Response services.
- Evaluate and triage user-reported cyber security concerns received via the ticketing system or group mailbox.
- Review and investigate potentially suspicious emails submitted to the SOC.
- Perform thorough investigative analysis of potential cyber security threats based on log review, and document the results as a timeline that both technical and non-technical personnel can read and understand.
- Determine when cyber threat containment is required and perform the containment.
- Work alongside SIEM and SOAR Content Engineers to tune and improve alerting.
- Bachelor’s Degree in Computer Science, Cyber Security or another related IT discipline is preferred, but not required.
- Other certification(s): Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, AWS, Microsoft Azure Security Engineer or equivalent.
- 1 to 3 years of professional experience in an Information Security/Cyber Security related position.
- Strong understanding of networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, HTTPS, VPN, etc.).
- Strong understanding of operating system architecture (Windows, UNIX, Linux, macOS).
- Precise & concise written communication.
- Organizational multitasking & commitment to follow-up.
- Perform & document accurate investigative analysis for cyber security Threat Response in a fast-paced environment with rapidly shifting priorities.
- Take the lead on investigative analysis and incident research.
- Maintain regular and predictable attendance in a shift-based environment.
- Perform any additional SOC tasks as directed by the Manager or Director.
- Familiarity with the NICE Cybersecurity Workforce Framework & its principles.
- Working experience with and knowledge of two or more of the following security technologies: Intrusion Prevention Systems, Web Proxies, SIEM, SOAR, EDR, Firewalls, Web Application Scanners, Vulnerability Scanners, Malware Research Tools or Forensics Tools.
- Provide input on policy direction & best practices.
- Provide evidence of, or obtain, one or more certifications, including but not limited to Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, AWS, Microsoft Azure Security Engineer or equivalent.