Information Security Analyst - II

Overview

On Site
USD 40.00 - 45.00 per hour
Full Time

Skills

Preventive Maintenance
Project Management
Performance Management
Security Operations
Incident Management
Tier 1
Real-time
Cyber Security
System On A Chip
SIEM
SLA
Problem Management
Documentation
Communication
Conflict Resolution
Problem Solving
Customer Relationship Management (CRM)
Network
Internet
TCP/IP
Microsoft Windows
Operating Systems
English
Computer Science
Information Security
IT Security
CompTIA
Network+
Security+
Linux
Cisco
Cisco Certifications
Microsoft
Microsoft Azure
Amazon Web Services
Cloud Computing
SANS
GSEC
Command-line Interface
Python
Windows PowerShell
Bash
Scripting
Dashboard
IBM QRadar
RSA
Netwitness
Active Directory
Cisco IOS
Splunk
Elasticsearch
Snort
IronPort
Computer Networking
TCP
Intellectual Property
IP
Firewall
Proxies
IDS
IPS
NetFlow
Privacy
Marketing

Job Details

Location: Reston, VA
Salary: $40.00 USD Hourly - $45.00 USD Hourly
Description: Our client is currently seeking an Information Security Analyst - II

Title: Information Security Analyst - I

Location: Temple Terrace, FL; Cary, NC; Ashburn, VA (Remote)

Duration: Long Term Contract

JOB DESCRIPTION

4pm-12am EST shift and/or 12am-8am EST shift

The Tier-1 Security Analyst represents the entry point into the Security Operations Center (SOC).

The SOC Security Analyst will perform basic security monitoring, handle common issue types, and perform basic incident response activities.

The duties of the SOC Security Analyst (Tier 1) include the following:

Provide "eyes on glass" real-time security monitoring in a 24x7 environment, watching security infrastructure and security alarm devices for indicators of compromise using SIEM and cybersecurity tools.

Perform level 1 assessment of incoming alerts (assessing the priority of the alert, determining its severity in the context of the customer environment, correlating additional details) and coordinate with Senior Analysts for high-priority incidents, if necessary.

Provide basic security event detection and initial triage of security events, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.

Perform administrative SOC routines such as evaluating reports and SIEM dashboards and reviewing ticket escalations.

Handle incoming calls and initiate trouble tickets, if applicable.

Provide health and availability analysis, opening tickets in designated ticketing systems within SLO and/or SLA guidelines.

Follow documented escalation procedures.

Identify recurring incidents for problem management purposes.

Coordinate with Senior Analysts for high-priority incidents.

Required Skills & Expertise:

Associate degree in Computer Science, Information Security, or a similar discipline

Strong documentation and communication skills

Exceptional problem-solving skills

Proactive in engaging with customers, client executives, and Client management teams

Basic knowledge of network technologies

Knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), RFC 1918 private address space, and common attacks against TCP/IP protocols

Knowledge of Microsoft Windows and Server Operating Systems

Basic understanding of threat landscape and indicators of compromise

At least 1-3 years of security-related experience

Clear and concise written and oral English

Desired Skills & Experience:

Bachelor's or higher degree in Computer Science, Information Security, or a similar discipline

Information Technology security-related certifications like CompTIA A+, Network+, Security+, Linux, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner or SANS GSEC

Understanding of command-line scripting and implementation (e.g., Python, PowerShell, Bash)

Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, Sentinel, Chronicle, SOAR, etc.)

Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, Firepower, SOAR, etc.

Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)

Ability to perform NetFlow / packet capture (PCAP) analysis

Experience with basic cyber threat hunting


This job and many more are available through The Judge Group. Please apply with us today!