Job ID: VA-704036 (94790303)
Hybrid/Local Security Analyst (Security+) with vulnerability, SOC, incident management, helpdesk, SIEM experience
Location: Richmond, VA (DMV)
Duration: 12 months
*candidates local to Richmond, VA only
*candidates will work onsite at first, then will work onsite at least three days each week
*first round of interviews via video. If a second interview is requested, it will be an onsite interview, NO exceptions
Skills:
- Minimum of 3 years of work experience in the subject area, plus an industry professional certification in the relevant subject area (e.g., Security+) (Required, 3 years)
- Generating vulnerability and security assessment reports (Required, 3 years)
- Managing security-monitoring tools (Required, 3 years)
The primary purpose of this position is to help coordinate and report on cyber incidents impacting the Agency. It also involves critical duties…responsibilities that must continue to be performed during crisis situations and contingency operations.
The Tier 1 SOC Analyst works in a 24×7 Security Operations Center (SOC) environment, focusing on reviewing potential threats and assigning them an urgency, and is the front line for reporting security incidents. Tier 1 SOC Analysts run vulnerability and security assessment reports, manage security-monitoring tools, and perform cybersecurity incident helpdesk functions.
General duties for this role include, but are not limited to:
• Monitor security events received as alerts from the SIEM or other security tools.
• Carry out Level 1 triage of incoming issues: initially assess the priority of the event, make the initial determination of whether it is an incident in order to gauge risk and damage, or route security or privacy data requests appropriately.
• Provide knowledge in threat intelligence and cyber security defense.
• Develop, research, and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.
• Identify, deter, monitor, and investigate computer and network intrusions.
• Provide computer forensic support to high-technology investigations in the form of evidence seizure, computer forensic analysis, and data recovery.
• Conduct incident response according to the departmental breach response process.
• Lead threat intelligence and incident response.
• Carry out limited incident response with end users for low-complexity security incidents.
• Maintain the assigned ticket queue.
• Participate actively in the resolution of incidents, even after they are escalated.