Security Operations Center Analyst (remote)

Posted Date: 2 weeks ago (8/1/2022 9:44 AM)
Job ID: 2022-24621
Job City: Augusta
Job State: Maine

Overview

Knowledge Services is seeking a remote Security Operations Center Analyst for a 12-month contract (potential for extension) with the State of Maine. Applicants are able to work 100% remotely, and the position is benefit eligible! Candidates in the New England region, or those open to a hybrid work model, are preferred.

Responsibilities

The Security Operations Center Analyst will perform continuous monitoring of critical systems for the State of Maine, with a focus on endpoint detection and response, antivirus protection, endpoint investigations, and other endpoint security and incident response activities.


Responsibilities:

• Primarily responsible for Tier II SOC Analyst duties with our Endpoint Security and Incident Response group, with an opportunity to participate in our Vulnerability Management and Testing processes as needed to meet the operational requirements and goals of the SOC.

• Understanding of detection and response, antivirus, and other endpoint security topics based on industry best practices.
• Understanding of detection and response, antivirus, and other endpoint security product features to effectively use the tools to monitor security threats and to engage in endpoint investigations and incident response activities.
• Understanding of threat hunting methodologies and of various Tactics, Techniques, and Procedures used by threat actors.
• Ability to work independently and with a team in meeting organizational goals and objectives.
• Ability to manage detection and response, antivirus, and other endpoint security solutions to monitor and contain threats.
• Ability to work effectively with members of the SOC and other MaineIT teams to document policies and processes, and to provide analysis reports as required.
• Ability to recognize common attack vectors such as recon scans, botnets, malware, command-and-control (C2) activity, worms, trojans, and viruses.
• Ability to use correlation tools such as log aggregation tools or a SIEM for analysis.
• Knowledge of designing, implementing, administering, and troubleshooting endpoint security configurations to strengthen protections, minimize gaps, and improve endpoint client performance.
• Knowledge of client device management and of vulnerability identification and remediation.

Qualifications

The Security Operations Center Analyst Top Skills:

• Endpoint Security
• Incident Response
• Vulnerability Management


REQUIRED SKILLS:
• 5+ years of information security experience, with a focus on Endpoint Security, Incident Response, and Vulnerability Management within an enterprise environment.

• The ideal candidate will have knowledge of Windows and Linux systems and their associated scripting languages, experience with AWS or Azure cloud environments, and will have worked with endpoint security platforms such as Microsoft Defender for Endpoint, FireEye, CrowdStrike, McAfee, or similar, and with vulnerability testing products such as Windows Defender TVM, Tenable Nessus, Rapid7 InsightVM, Qualys, or similar.

• Experience with any of the popular SIEM platforms is also desired (Splunk, Azure Sentinel, Sumo Logic, LogRhythm, Elasticsearch, etc.).

• Knowledge of how these products and processes fit into the broader security program, and a general understanding of information security concepts, methods to combat emerging threats, and adversary Tactics, Techniques, and Procedures.

• Bachelor's degree in computer science or a related field, with advanced study preferred.

• One or more relevant technical security certifications are a plus (GIAC, ISC2, CompTIA, EC-Council, etc.).
