Job ID: TX-529210065C (913190117)

Local/Remote Security Analyst with SOAR, SIEM/Splunk, UEBA, DLP, Microsoft Defender EDR, PowerShell, Python, SOC/IR, Threat Intelligence experience

Location: Austin TX (HHSC)
Duration: 5 months
Positions: 4 (2)
100% remote for now. However, the contractor will need to be onsite in accordance with the agency return to work schedule. Candidates within Texas are preferred.

Minimum Requirements:
Years | Required/Preferred | Experience
5 | Required | Implementing and supporting security platforms related to Security Orchestration, Automation & Response (SOAR), Security Information and Event Management (SIEM), and User & Entity Behavior Analytics (UEBA).
5 | Required | Developing, deploying and tuning SIEM content such as correlation rules, dashboards, reports and models.
5 | Required | Creating and maintaining documentation related to DLP solutions; this may include conceptual, logical and physical diagrams, new environment design documents, procedural documents, job aids, and write-ups on technical capabilities and solution configurations.
5 | Required | Helping deliver on DLP program objectives, implementing DLP controls, and defining standards and policies to protect HHS. Assessing, reporting on, and making recommendations regarding current and proposed architectures, strategies and systems in the DLP space.
5 | Required | Serving as technical SME to support the Microsoft Defender EDR platform. Developing use cases, threat detection logic and rules, and alerting in the Defender EDR platform for response by Incident Detection & Response analysts.
5 | Required | Operationalizing Indicators of Compromise from intelligence feeds by developing, testing, deploying and monitoring alerting rules in the Defender EDR platform.
5 | Required | Developing and implementing SOC and IR systems integrations through automation and orchestration, including APIs, PowerShell and Python.
5 | Required | Developing and implementing new SOC and IR playbooks for alert enrichment, triage and threat hunting.
5 | Preferred | Expertise with Data Loss Prevention, Data Protection or Insider Threat security programs.
5 | Preferred | Experience deploying and maintaining DLP and endpoint security controls.
5 | Preferred | Experience with deployment, configuration or maintenance of enterprise EDR solutions.
5 | Preferred | Experience with SIEM, Threat Intelligence and SOAR platforms.
5 | Preferred | Ability to integrate cybersecurity data sources into a SIEM/Splunk/SOAR environment.
5 | Preferred | Shift flexibility, including the ability to provide on-call support (24/7) when needed.
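The requirements above ask for operationalizing Indicators of Compromise from intelligence feeds into the Defender EDR platform and for Python-based SOC integrations. The script below is an added example of what that work looks like in practice; it is not code from this posting, from HHSC, or from Microsoft. The feed is a constructed CSV sample, the type and action mappings are assumptions chosen for illustration, and the Defender for Endpoint indicators endpoint is named as an assumption. The script validates and normalizes each indicator, drops expired and malformed entries, collapses duplicates so the highest-confidence copy wins, and shapes the result as Defender-style indicator bodies without sending anything, so it runs offline.

```python
"""Turn a threat-intel feed into Defender for Endpoint custom indicators (added example)."""
import csv
import io
import ipaddress
import re
from datetime import datetime, timedelta, timezone

# Constructed sample feed, not a real intelligence feed. It deliberately carries one
# malformed hash, one duplicate, one expired entry and one low-confidence entry so the
# pipeline has something to reject or downgrade.
SAMPLE_FEED = """value,type,confidence,first_seen,ttl_days,description
198.51.100.23,ip,90,2024-03-01,30,C2 beacon (constructed sample)
bad-hash-value,sha256,80,2024-03-01,30,malformed hash (constructed)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,sha256,95,2024-03-02,60,dropper (constructed)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,sha256,70,2024-03-03,60,duplicate of above
phishing.example,domain,85,2023-01-01,30,expired lure domain (constructed)
Lure.Example,domain,60,2024-03-05,14,low-confidence lure (constructed)
"""

# Fixed "current time" so the expiry logic is reproducible (constructed for the example).
NOW = datetime(2024, 3, 10, tzinfo=timezone.utc)

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$")

# Feed type -> Defender indicator type name (assumed mapping for this example).
TYPE_MAP = {"ip": "IpAddress", "sha256": "FileSha256", "domain": "DomainName"}

# Assumed Defender for Endpoint custom-indicator endpoint; nothing here sends to it.
DEFENDER_INDICATORS_URL = "https://api.securitycenter.microsoft.com/api/indicators"


def normalize(value, ioc_type):
    """Return the canonical form of an indicator value, or None if it fails validation."""
    v = value.strip()
    if ioc_type == "ip":
        try:
            return str(ipaddress.ip_address(v))
        except ValueError:
            return None
    if ioc_type == "sha256":
        v = v.lower()
        return v if SHA256_RE.match(v) else None
    if ioc_type == "domain":
        v = v.lower().rstrip(".")
        return v if DOMAIN_RE.match(v) else None
    return None


def build_indicators(feed_text, now, block_threshold=75):
    """Parse the feed, validate and normalize each row, drop expired entries, collapse
    duplicates (highest confidence wins) and emit Defender-shaped indicator bodies.
    Returns (indicators, rejected); rejected holds (value, reason) pairs for review."""
    best = {}
    rejected = []
    for row in csv.DictReader(io.StringIO(feed_text)):
        ioc_type = row["type"].strip().lower()
        value = normalize(row["value"], ioc_type)
        if value is None:
            rejected.append((row["value"], f"invalid {ioc_type}"))
            continue
        first_seen = datetime.strptime(row["first_seen"], "%Y-%m-%d").replace(tzinfo=timezone.utc)
        expires = first_seen + timedelta(days=int(row["ttl_days"]))
        if expires <= now:
            rejected.append((value, "expired"))
            continue
        confidence = int(row["confidence"])
        key = (ioc_type, value)
        if key in best and best[key]["confidence"] >= confidence:
            rejected.append((value, "duplicate"))
            continue
        best[key] = {"confidence": confidence, "expires": expires, "description": row["description"]}

    indicators = []
    for (ioc_type, value), meta in sorted(best.items()):
        indicators.append({
            "indicatorValue": value,
            "indicatorType": TYPE_MAP[ioc_type],
            # Assumed policy: high confidence blocks, anything lower only alerts.
            "action": "Block" if meta["confidence"] >= block_threshold else "Alert",
            "title": f"TI feed: {meta['description']}",
            "description": f"confidence={meta['confidence']}",
            "expirationTime": meta["expires"].strftime("%Y-%m-%dT%H:%M:%SZ"),
        })
    return indicators, rejected


def to_requests(indicators):
    """Shape each indicator as (method, url, json_body). Sending is left to the caller
    (an authenticated POST per body in practice) so this function stays offline."""
    return [("POST", DEFENDER_INDICATORS_URL, body) for body in indicators]


def run_sample():
    """Run the pipeline over the constructed feed at the fixed NOW."""
    return build_indicators(SAMPLE_FEED, NOW)


if __name__ == "__main__":
    indicators, rejected = run_sample()
    for method, url, body in to_requests(indicators):
        print(method, url, body["indicatorType"], body["indicatorValue"], body["action"])
    for value, reason in rejected:
        print("rejected:", value, reason)
```

The rejected list is the part worth keeping in a real deployment: malformed and expired indicators pushed into an EDR are the usual source of noisy or stale alerts, and a duplicate with a lower confidence should never overwrite a stronger one.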

A network security analyst ensures that information systems and computer networks are secure. This includes protecting the organization against attackers and cyber-attacks, and monitoring network traffic and server logs for unusual activity. These analysts are also responsible for finding vulnerabilities in the computer networks and recommending how to reduce them. The network security analyst investigates security breaches, develops strategies for any security issues that arise, and uses firewalls and antivirus software to maintain security.
