SOC (Security Operations Center) Senior Threat Analyst 1 (Nights / Weekends) - Specialist 2

• Perform many critical functions within the Threat Management discipline including staffing
  
  24x7x365 coverage at the City?s Security Operations Center (SOC) augmenting FTE shift
  
  schedules including days, nights, weekends, and holidays.
  
  
• Interface with Cyber Command teams internally, with City agencies, vendors, and
  
  information-sharing partners.
  
  
• Monitor City networks and security alerts for intrusion, attempted compromise, and
  
  anomalous behavior; apply mitigation techniques or escalation factors; correlate threat
  
  intelligence across various logs collected by established security controls.
  
  
• Produce routine SOC metrics & reporting.
  
  
• Maintain situation reports (SITREPS)
  
  
• Perform weekly quality control checks.
  
  
• Works closely with SOC Director on incident preparation including the continuous
  
  development of new SOC playbooks and runbooks.
  

Requirements

• For a senior position, leadership this includes the ability to lead and mentor junior analysts,
  
  coordinate team activities, and manage SOC operations effectively.
  
  
• Prior experience working in a SOC environment is mandatory. This includes familiarity with
  
  
• SOC operations, procedures, and tools such as SIEM (Security Information and Event
  
  
• Management) systems, intrusion detection/prevention systems (IDS/IPS), and endpoint
  
  detection and response (EDR) tools.
  
  
  DESIRABLE SKILLS/EXPERIENCE:
  
  
• Knowledge of cybersecurity principles, practices, and procedures
  
  
• Strong understanding of network and host technologies
  
  
• Experience applying techniques for detecting host and network-based intrusion using IDS
  
  methods and technologies.
  
  
• Experience with SIEM technologies, malware analysis and mitigation techniques