Discover Your Next Cybersecurity Role!
Title : Information Security Analyst - I
Duration: 12+ Months (possible extension)
Location: 100% Remote in Temple Terrace, FL; Cary, NC; Ashburn, VA
REMOTE MODEL: 4pm - 12am EST shift and/or 12am - 8am EST shift
The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC).
The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities.
The duties of the SOC Security Analyst (Tier 1) include the following:
Duration: 12+ Months (possible extension)
Location: 100% Remote in Temple Terrace, FL; Cary, NC; Ashburn, VA
REMOTE MODEL: 4pm - 12am EST shift and/or 12am - 8am EST shift
The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC).
The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities.
The duties of the SOC Security Analyst (Tier 1) include the following:
- Provide “eyes on glass” real-time security monitoring in a 24x7 environment by monitoring security infrastructure and security alarm devices for Indicators of Compromise utilizing SIEM and cybersecurity tools.
- Performing level 1 assessment of incoming alerts (assessing the priority of the alert, determining the severity of the alert concerning the customer environment, correlating additional details) and coordinating with Senior Analysts for high-priority incidents, if necessary.
- Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.
- Performing administrative routines of SOC like evaluating reports and SIEM dashboards, reviewing ticket escalations.
- Incoming call handling from and initiating trouble tickets, if applicable.
- Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.
- Follow documented escalation procedures.
- Identify recurring incidents for problem management purposes.
- Coordinate with Senior Analysts for high-priority incidents.
- Associate degree in Computer Science, Information Security, or a similar discipline.
- Strong documentation and communication skills.
- Exceptional problem-solving skills.
- Proactive in engaging with customers, client executives, and Telecommunication management teams.
- Basic knowledge of network technologies.
- Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RCF 1918, and common attacks against TCP/IP protocol.
- Knowledge of Client Windows and Server Operating Systems.
- Basic understanding of threat landscape and indicators of compromise.
- At least 1-3 years Security related experience.
- Clear and concise written and oral English.
- Bachelor or higher degree in Computer Science, Information Security, or similar discipline.
- Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Client Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC.
- Understanding of command line scripting and implementation (i.e. Python, PowerShell, Bash Shell).
- Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.).
- Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc.
- Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
- Ability to perform NetFlow / packet capture (PCAP) analysis.
- Experience with basic cyber threat hunting.