Location: Reston, VA
Salary: $40.00 USD Hourly - $45.00 USD Hourly
Description: Our client is currently seeking a Information Security Analyst - II
Title: Information Security Analyst - I
Location: Temple Terrace, FL; Cary, NC; Ashburn, VA (Remote)
Duration: Long Term Contract
JOB DESCRIPTION
4pm-12am EST shift and/or 12am-8am EST shift
The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC).
The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities.
The duties of the SOC Security Analyst (Tier 1) include the following:
• Provide "eyes on glass" real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools.
• Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary.
• Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.
• Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations.
• Incoming call handling from and initiating trouble tickets, if applicable.
• Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.
• Follow documented escalation procedures.
• Identify recurring incidents for problem management purposes.
• Coordinate with Senior Analysts for high-priority incidents.
Required Skills & Expertise:
• Associate degree in Computer Science, Information Security, or a similar discipline
• Strong documentation and communication skills
• Exceptional problem-solving skills
• Proactive in engaging with customers, client executives, and Client management teams
• Basic knowledge of network technologies
• Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol
• Knowledge of Microsoft Windows and Server Operating Systems
• Basic understanding of threat landscape and indicators of compromise
• At least 1-3 years Security related experience
• Clear and concise written and oral English
Desired Skills & Experience:
• Bachelor or higher degree in Computer Science, Information Security, or similar discipline
• Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC
• Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell)
• Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.)
• Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc.
• Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
• Ability to perform NetFlow / packet capture (PCAP) analysis
• Experience with basic cyber threat hunting
Subscribe to job alerts and upload your resume!
*By registering with our site, you agree to our
Terms and Privacy Policy.