IA-DOM-DOIT-SA2-Endpoint Detection & Response

Engagement Type

Contract

Short Description

The

State of Iowa is seeking an experienced Security Operations Center (SOC)

Analyst with strong expertise in Endpoint Detection and Response (EDR) tools

and cybersecurity incident handling.

Complete Description

This position will renew annually on 7/1





Position Summary:



The State of Iowa is seeking an experienced Security Operations Center (SOC)

Analyst with strong expertise in Endpoint Detection and Response (EDR) tools

and cybersecurity incident handling. The ideal candidate will thrive in a fastpaced

environment with aggressive timelines and will be responsible for monitoring,

analyzing, and responding to events and alerts supporting statewide IT systems.

This is a remote position.





Required Experience:



Handson experience working with Endpoint Detection and Response (EDR) tools



Experience responding to, and analyzing, cybersecurity events and incidents



Experience working with Crowdstrike, or comparable EDR tool



Ability to work in highpressure, fastpaced environments





Experience working with CrowdStrike or comparable EDR tool





Responsibilities:



Provide security monitoring and response efforts for, and in coordination

with, the Security Operations Center (SOC)



Lead outreach and coordination with statewide partners, including County,

Municipal, and educational entities





Strong communication, reporting,

and documentation abilities





Monitor, analyze, and respond to

cyber-security events, alerts, and incidents affecting State of Iowa IT systems



Take appropriate actions to protect IT assets from potential incidents and

threats



Document and report changes, trends, and implications related to evolving

cyber-security tools, systems, and solutions



Follow SOC processes and assist ISD Security Engineers and OCIO support teams

during alerts, events, and incidents



Submit new events and update existing events within the SOC ticketing system



Provide phone and email support to state agencies and participating partners

during alerts, events, and incidents



Provide offhours or adhoc shift support as required





Proven ability to collaborate effectively with partners

across varying technical backgrounds



Capability to perform Tier 1 troubleshooting, including log collection,

documentation review, and appropriate escalation



Maintain uptodate knowledge on relevant cyber-security technologies and

tools



Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and

incidents



Follow detailed operational procedures to analyze, escalate, and support

remediation of critical security incidents



Assist with SOC metrics, reporting, and communications



Support incident response activities up to the preliminary forensics stage



Monitor EDR tools and perform initial assessment and data gathering for

alerts

Required/Desired Skills

Skill	Required/Desired	Amount	of Experience
Hands on experience working with Endpoint Detection and Response (EDR) tools	Required	3.0	Years
Experience responding to cyber security events and incidents	Required	3.0	Years
Experience working with Crowdstrike, or comparable EDR tool	Required	3.0	Years
Ability to work in high pressure, fast paced environments	Required	3.0	Years