Job Description
Overview:
We are seeking a dedicated Security Operations Center (SOC) Analyst who is passionate about cybersecurity and enjoys diving deep into investigations and threat hunting. In this role, you will be a key player in our 24/7 SOC, where you'll leverage your expertise with Splunk and other SIEM technologies to protect our clients in the government sector.
Location:
This position is ideally based in Austin, TX, but we welcome exceptional remote candidates.
---
### Key Responsibilities:
- Network Traffic Analysis: Monitor and analyze network traffic to identify any suspicious activity or potential threats.
- Incident Management: Document and escalate incidents, including event history and potential impacts, to ensure a timely response.
- Trend Analysis: Conduct cyber defense trend analysis and reporting to stay ahead of potential threats.
- Event Correlation: Use various sources of information to correlate events and gain situational awareness, enhancing our defensive strategies.
- Alert Monitoring: Analyze alerts from multiple sources and determine their causes, distinguishing between benign and malicious activities.
- Continuous Monitoring: Utilize cyber defense tools to consistently monitor system activities for any signs of malicious behavior.
- Malicious Activity Analysis: Investigate identified threats to understand exploitation methods and recommend necessary corrections.
- Research and Documentation: Conduct comprehensive research across various data sets and create procedures for SOC staff.
- Training and Mentorship: Provide guidance and support to fellow analysts as needed.
- External Monitoring: Keep an eye on external sources for current cyber defense threats and provide cybersecurity recommendations based on significant findings.
---
### Candidate Requirements:
We are looking for a candidate who possesses strong communication skills, both written and verbal, and is comfortable presenting information to colleagues and clients alike.
Basic Qualifications:
- At least 8 years of experience in Security Incident Response, Security Operations Center, or threat analysis.
- Proven experience with either Enterprise/MSSP or cloud Security SIEM technologies.
- Ability to work across multiple customer and bespoke systems.
- Must pass a CJIS background check and other relevant background checks.
- Completion of basic safety and security training as per customer requirements.
- Willingness to work rotating shifts and be part of an on-call schedule as needed.
- CompTIA Security+ certification or an equivalent/higher certification.
- Splunk Power User Certification is required.
- Must be a U.S. citizen.
Preferred Qualifications:
- Industry certifications such as Certified Ethical Hacker (CEH) or Certified Incident Handler (GCIH/ECIH) are a plus.
- Familiarity with other certifications like CompTIA Networking+, Azure Sentinel, and Devo will be beneficial.
---
### Qualifying Experience and Attributes:
The ideal candidate should demonstrate:
- Proficiency in creating and maintaining custom reports and dashboards using SIEM tools.
- Experience in developing use cases to tailor alerts according to customer needs.
- Ability to work independently with minimal oversight while interpreting data collected from network tools.
- Knowledge of networking concepts, cybersecurity methodologies, and incident response practices.
- Understanding of various attack vectors, including insider threats and emerging technologies.
- Familiarity with cybersecurity frameworks, regulations, and compliance standards.
---
### Join Us!
If you're ready to make a difference in the cybersecurity field and work in a dynamic environment, we encourage you to apply. Your expertise will help us safeguard our clients and contribute to a safer digital landscape.
Employment Type: Full-Time
Salary: $ 40,000.00 140,000.00 Per Year
Job Tags
Full time, Shift work, Rotating shift,