It Security Analyst I

Position: IT Security Analyst I

Location: Remote

Duration: 6 Months

Job Type: Contract

Work Type: Remote

Pay Rate: $28-$28/hr. on W2

:

• Educational and personal experience with network/systems administration and/or information security-related work is necessary.
• This is an entry to mid-level position in Cyber Security, targeted toward individuals with 0-3 years of experience.
• Client is seeking a SOC Cyber Analyst.

Responsibilities:

• SOC Analysts have opportunities for mentorship from more senior members of the team, involvement with maturing procedures, evaluating new security technologies, incident response, and the freedom to try out new ideas and technologies to improve the SOC.
• This includes the following procedures to triage and investigate security alerts, phishing emails, and escalate issues as necessary.
• SOC Analysts are responsible for monitoring and maintaining systems used in our internal security program.

Duties:

• Attend and fully engage in team and customer meetings
• He/she will be part of rotating SOC shifts supporting 24/7 coverage.
• This is a customer-facing role in a hybrid delivery model
• Become a deep technical resource that earns our customer’s trust
• Apply and retain learned knowledge across key lines of business, including products, practices, and procedures
• Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules
• Nights and weekends can be performed remotely after sufficient training and familiarization.
• Performs network security monitoring, security event triage, and incident response for a mid-size organization, coordinates with other team members, management to document and report incidents
• Take on Security Operations responsibilities when not on a SOC shift: This includes but is not limited to vulnerability scanning
• Monitors and analyzes Intrusion Detection Systems (IDS), Security Orchestration
• Innovate on behalf of customers; translate your thoughts into action yielding measurable results
• Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets
• Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems
• Other continuous education and training in the security field
• Automation Response (SOAR) alerts and Security Information and Event Management (SIEM) to identify security issues for remediation

REQUIRED:

• Ability to work in a team environment with a proven history of being able to collaborate successfully with team members.
• Experience working with common security tools and products:
• Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats
• Proven ability to multitask, thrive, and prioritize responsibilities in a fast-paced environment
• Knowledge of Runbooks, Playbooks and following Standard Operating Procedures
• BS/BA degree in Computer Science, Information Systems, or related discipline or equivalent experience
• Strong written and verbal communications skills with an ability to present technical risks and issues to non-technical audiences
• 1 – 3 years of professional work experience in Security Operation Security (SOC)
• Strong analytical skills to define risk, identify potential threats and develop action/mitigation plan

Desired:

• Linux OS and scripting skills. OSX and Windows skills are a plus
• Endpoint Security (e.g. Carbon Black Enterprise Protection, Carbon Black Enterprise
• Analyzing Phishing Emails is a plus
• Response, Symantec, McAfee, Forefront)
• Firewalls (e.g. PaloAlto Networks, Checkpoint, Cisco ASA, Juniper SSG,PFSense, etc..) is a plus
• System Analysis and Forensic Tools (e.g. FTK, EnCase) are a plus
• Cyber Security Certifications: Security +, CySa+, CASP, SAN GIAC Certifications (GCIH,GPEN, GSEC, etc.), etc. are a plus
• Network Analysis Tools (e.g. Netwitness, Wireshark)
• Log Management and SIEM (e.g. Splunk, IBM QRadar, HP ArcSight) is a plus
• SOAR Platforms (e.g. Siemplify, Resilient) are a plus
• Various Open-Source security and networking tools (MRTG, SysInternals, Whatsup Gold)

TekWissen® Group is an equal opportunity employer supporting workforce diversity.