Remote Security Analyst (Tier 2) - X3

22 Nov 2024

Vacancy expired!

12 month contract - 3 open positions!

Remote Security Analyst (Tier 2) - 56049

Tier 2 Analysts are responsible for:

  • Determining service impact of security events.
  • Alerting customers to possible malicious activity.
  • Working tickets via ticketing system.
  • Creating tickets for various needs of the SOC.
  • Research and data collection of events of interest.
  • Engaging support of Tier 3 Analysts, Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.
Responsibilities
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
  • Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
  • Assist in developing cybersecurity recommendations to Tier 3 based on significant threats and vulnerabilities.
  • Work security tickets within established SLAs: escalate to the customer or Tier 3, establish a false positive, or contact the customer as needed.
  • Provide guidance and mentorship to other SOC personnel.
  • Contribute to the creation of process documentation and training materials.
The preferred candidate is REQUIRED to have:
  • Three (3) to five (5) years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
  • Demonstrated experience as an analyst using enterprise and/or cloud security SIEM technologies.
  • Ability to support and work across multiple customer and bespoke systems.
  • Must be able to pass a CJIS background check process and other background checks to comply with customers' contracts.
  • Strong Documentation (SOP/Standard Operations Procedure) development.
  • Understanding of Ticket Flow.
  • Strong troubleshooting skills.
  • Understanding of how to read inbound and outbound traffic.
  • Complete basic safety and security training to meet the customer requirements.
  • Ability to work a rotating shift and on-call schedule as required.
  • CompTIA Security+ certification or equivalent/higher.
  • Selected candidates must be s.

Job ID: 56049

  • ID: #23263306
  • State: Texas Austin 78745 Austin USA
  • City: Austin
  • Salary: USD TBD TBD
  • Job type: Contract
  • Showed: 2021-11-22
  • Deadline: 2022-01-20
  • Category: Security