SOC Analyst

Required:

• Assist in building and maintaining Splunk dashboards to support visibility into security events, alerts, and trends.
• Monitor network intrusion detection system (NIDS) logs to help identify unusual traffic patterns or potential threats.
• Analyze host-based intrusion detection system (HIDS) alerts to support detection of suspicious endpoint behavior.
• Review and interpret proxy logs to identify suspicious or unauthorized internet activity, such as access to malicious domains or data exfiltration attempts.
• Collaborate with senior Security analysts to investigate and validate potential threats or indicators of compromise.
• Document findings and assist in escalating verified threats in accordance with procedures and threat hunting playbooks.

 Additional Information:

• Supports Information Technology Division by assisting professional staff with securing and maintaining law enforcement information systems. Performs technical and administrative tasks to help enforce security procedures, monitor system activity, and maintain compliance with agency policies and CJIS standards.
• The ideal candidate is detail-oriented, reliable, and has a foundational understanding of IT operations and cybersecurity principles. Familiarity with security practices, system administration, or law enforcement IT environments is preferred. As part of on-the-job training, the selected candidate may rotate through various duties to gain a comprehensive perspective that integrates law enforcement operations, CJIS compliance, and industry best practices.