Junior Security Analyst Jobs

Task Description

This position will be a member of a dedicated security team within IBM Consulting Federal. In this role, the Jr. SOC analyst will support a dedicated 24x7x365 operation for a Federal program. The Jr. SOC Analyst will be responsible for monitoring for alerts for potential threats & security anomalies, analyzing content of those alerts & providing a written analysis for each. The analyst will work closely with Tier 2 SOC analysts who will serve as their escalation point.

Required Skills

• Experience SOC operations including but not limited to: Alert and notification activities- analysis / triage / response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported Incidents
• Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability Scanners, and Threat Intelligence Platforms.
• CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+
• Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
• Experience and ability to use and follow Standard Operating Procedures (SOPs)
• Solid understanding and experience analyzing security events generated from security tools and devices not limited to: Crowdstrike and Palo Alto
• Background in incident response, system/network operations and threat intelligence.
• Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
• Understanding of security incident response processes
• Analyzing system and network logs for security events, anomalies, and configuration issues.
• Experience working with SIEM technology to monitor and manage security events.
• Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response
• In-depth experience with processing and triage of Security Alerts; from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources
• Compliance with DoD 8570.02 and DoD 8140.01
• Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources
• 1+ years of experience working in a 24x7x365 SOC environment.
• Demonstrated experience of the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools
• Experience and solid understanding of Malware analysis
• Demonstrated experience with triage and resolution of SOC tasks; including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis
• Demonstrated proficiencies with an enterprise SIEM or security analytics solution including the Elastic Stack or Splunk.

Nice To Have Skills

Understanding and experience with Federal Security Standards such as NIST and DoD