We are seeking a Cyber SOC Analyst.
Job Responsibilities Include:
• Monitoring dashboards and intrusion detection and prevention systems (IDS/IPS)
• Performing initial analysis and investigation into alerts as they are seen (including anti-virus and phishing alerts)
• Performing initial malware analysis utilizing automated means
• Supporting cyber defense functions to protect our clients from cyber security incidents that have potential to cause negative impact
• Incident intake, ticket updates and reporting of cyber events
• Use SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents
• Understanding, identifying and researching IOCs
• Uploading captured packets and evaluating source/destination activity and payloads
• Assisting in recommendations for content to detect incidents, including IOCs for blocking and detection
This position requires the ability to work a shift schedule and support coverage efforts on a 24x7x365 basis which includes work on holidays, nights, & weekends.
The support component involves handling tickets and change requests and working with end users when problems arise. The candidate is expected to work closely with team members as well as key vendors and other IT teams (Workstation Design & Support, Data Network, Server Support, etc.).
• Staff the 24x7 Cyber Defense Center (CDC)
• Perform Security Incident Response activities for multiple organizations, coordinate to record and report incidents
• Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation
• Recognize potential, successful, and unsuccessful intrusion attempts and compose thorough reviews and analysis of relevant event detail and summary information
• Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
• Assist with implementation of counter-measures or mitigating controls
• Ensure the integrity and protection of networks, systems and applications
• Enforce organizational security policies by monitoring vulnerability scanning devices
• Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
• Prepare incident reports of analysis methodology and results
• Maintain current knowledge of relevant technology as assigned
• Participate in special projects as required
• Monitor security systems, servers, and various access issues across a variety of systems within our clients' environments. Issues frequently include intrusion detections and malware-infected PCs. The person in this role will be required to monitor, troubleshoot, and resolve these issues in a Security Operations Center environment
Qualifications:
• 3+ years of experience in a Technical Support role
• Familiarity with monitoring and security tools such as Splunk, OpenVAS, Nessus, AlienVault, FortiSIEM (formerly AccelOps), SolarWinds, Nmap, or similar security tools
• Basic understanding of fundamental security and network concepts (operating systems, intrusion detection, TCP/IP, routing and switching, etc.)
• Must have experience monitoring IT security systems OR experience monitoring network devices with a strong interest in cyber security
• Must be available to work any day and any shift
• Candidate must be able to communicate effectively in English (written and verbal)
• Candidate must be authorized to work for any employer in the US without sponsorship
Engenium Staffing Inc
Why Work Here? We are a staffing firm focused on Professional, Technical and Engineering roles in Emerging and High Demand verticals including Medical Simulation, Flight Simulation, and Serious Gaming sectors.
Work for our growing company!