Security Operations Center Analyst

Position Description : Security Analyst as part of the OIT Security Operations Center responsible for continuously monitoring and analyzing security events and alerts from various sources, such as endpoint detection and response (EDR) systems, security information and event management (SIEM) systems, and cloud security controls to identify threats to State data or systems, and coordinate incident response functions.

• Investigates and analyzes incidents, determines impacts, and takes appropriate actions toward mitigations.
• Follows incident response procedures, coordinates with other teams and documents incidents.
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Analyze log files from various sources to identify possible threats to network security.
• Perform cyber defense incident triage, including determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
• Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support Cybersecurity Incident Response Teams (CIRTs).
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Track and document cyber defense incidents from initial detection through final resolution.
• Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.

Skills Required : Possess analytical and communication skills to effectively investigate a problem and find the ideal solution promptly and efficiently. Strong ability to work effectively in collaboration with other members of a team and other professionals with minimal supervision. Strong ability to quickly learn new processes and technologies and adapt to changes in sequences and timelines. Strong written and verbal skills in discussing security analysis to derive conclusions and make recommendations. Being knowledgeable about the cybersecurity threat landscape.

Skills Preferred :

Experience Required : Two to three years of experience in two or more of the following areas : Local / wide area network design or support; Information security administration; Database system design, maintenance, or support; Systems Administration

Experience Preferred :

Education Required : An associate degree in Information Technology or CompTIA Security Certification

Education Preferred :

Additional Information :