12-month contract - 3 open positions!

Remote Security Analyst (Tier 2) - 56049

Tier 2 Analysts are responsible for:
- Determining service impact of security events.
- Alerting customers to possible malicious activity.
- Working tickets via ticketing system.
- Creating tickets for various needs of the SOC.
- Research and data collection of events of interest.
- Engaging support of Tier 3 Analysts, Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.
- Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Assist in developing cybersecurity recommendations to Tier 3 based on significant threats and vulnerabilities.
- Work security tickets within established SLAs: escalate to the customer or Tier 3, establish a false positive, or contact the customer as needed.
- Provide guidance and mentorship to other SOC personnel.
- Contribute to the creation of process documentation and training materials.
- Three (3) to five (5) years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
- Demonstrated experience using enterprise and/or cloud security SIEM technologies as an analyst.
- Ability to support and work across multiple customer and bespoke systems.
- Must be able to pass a CJIS background check process and other background checks to comply with customers' contracts.
- Strong documentation (SOP/Standard Operating Procedure) development.
- Understanding of ticket flow.
- Strong troubleshooting skills.
- Understanding of how to read inbound and outbound traffic.
- Complete basic safety and security training to meet the customer requirements.
- Ability to work a rotating shift and on-call schedule as required.
- CompTIA Security+ certification or equivalent/higher.
- Selected candidates must be s.