Endpoint Detection and Response Analyst

Job ID: IA-801624

Remote Endpoint Detection and Response Analyst (12+) with Crowdstrike, EDR tools experience

Location: Des Moines, IA (SLF)
Duration: 2 Months

Skills:
Hands on experience working with Endpoint Detection and Response (EDR) tools Required 3 Years
Experience responding to cyber security events and incidents Required 3 Years
Experience working with Crowdstrike, or comparable EDR tool Required 3 Years
Ability to work in high pressure, fast paced environments Required 3 Years

Job Description:

Position Summary:
The State of Iowa is seeking an experienced Security Operations Center (SOC) Analyst with strong expertise in Endpoint Detection and Response (EDR) tools and cybersecurity incident handling. The ideal candidate will thrive in a fastpaced environment with aggressive timelines and will be responsible for monitoring, analyzing, and responding to events and alerts supporting statewide IT systems. This is a remote position.

Required Experience:
Handson experience working with Endpoint Detection and Response (EDR) tools
Experience responding to, and analyzing, cybersecurity events and incidents
Experience working with Crowdstrike, or comparable EDR tool
Ability to work in highpressure, fastpaced environments

Experience working with CrowdStrike or comparable EDR tool

Responsibilities:
Provide security monitoring and response efforts for, and in coordination with, the Security Operations Center (SOC)
Lead outreach and coordination with statewide partners, including County, Municipal, and educational entities

Strong communication, reporting, and documentation abilities

Monitor, analyze, and respond to cyber-security events, alerts, and incidents affecting State of Iowa IT systems
Take appropriate actions to protect IT assets from potential incidents and threats
Document and report changes, trends, and implications related to evolving cyber-security tools, systems, and solutions
Follow SOC processes and assist ISD Security Engineers and OCIO support teams during alerts, events, and incidents
Submit new events and update existing events within the SOC ticketing system
Provide phone and email support to state agencies and participating partners during alerts, events, and incidents
Provide offhours or adhoc shift support as required

Proven ability to collaborate effectively with partners across varying technical backgrounds
Capability to perform Tier 1 troubleshooting, including log collection, documentation review, and appropriate escalation
Maintain uptodate knowledge on relevant cyber-security technologies and tools
Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and incidents
Follow detailed operational procedures to analyze, escalate, and support remediation of critical security incidents
Assist with SOC metrics, reporting, and communications
Support incident response activities up to the preliminary forensics stage
Monitor EDR tools and perform initial assessment and data gathering for alerts

Regards

Chris Walter