The Cyber Security Analyst reports directly to the Infrastructure Service Delivery Manager (SDM) and will help deliver and support the City of Anaheim's Security, Threat and Vulnerability resolution, and report and communicate on security events and threats. The Cyber Security Analyst will support day-to-day operations with the SAIC Security Operations Center (Oak Ridge, TN), Service Desk and cross-functional teams.

Primary Responsibilities:
- Perform and document root cause analysis for security incidents.
- Perform and document vulnerability analyses.
- Develop cyber security analytics and threat intelligence using multiple data sources provided to the Security Information and Event Management (SIEM) system.
- Work closely with the SAIC SOC to identify and recommend process and system improvements to the security program.
- Drive the capabilities and execution to effectively optimize and improve enterprise security.
- Demonstrate knowledge of security services and implementations.
- Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 1 SAIC SOC engineers.
- Create cyber security incidents and oversee the cyber security incident response process. Examine cyber adversary techniques in order to develop defensive methodologies.
- Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SAIC SOC.
- Conduct vulnerability assessments and recommend remediation and mitigation strategies and implementations to ensure effective achievement of the organizational objectives.
- Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure enterprise infrastructure is protected.
- Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
- Working with the Infrastructure SDM, develop and oversee implementation of a metrics program for reporting on overall SAIC SOC performance and effectiveness.
- Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field and a minimum of five years of experience in Cyber Security.
- Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
- Demonstrated experience with Cyber Intelligence & Vulnerability Assessment, including expert experience in at least two of the following areas:
(a) Vulnerability Assessment;
(b) Intrusion Prevention and Detection;
(c) Access Control and Authorization;
(d) Policy Enforcement;
(e) Application Security;
(f) Protocol Analysis;
(g) Firewall Management;
(h) Incident Response;
(j) Web-filtering;
(k) Advanced Threat Protection

Desired Qualifications:
- ITIL Foundation Level or higher
- Cisco WLAN certification
- Experience in Information Assurance Policy and Guidelines
- NIST Special Publication 800-53
- NIST Cybersecurity Framework