CSOC Analyst

Overview

• Tier One Technologies is looking for a Cyber Security Operations Center (CSOC) Analyst to work with our direct US Government client.
• This will be a 100% remote contract-to-hire position.
• SELECTED CANDIDATES WITHOUT REQUIRED CLEARANCE WILL BE SUBJECT TO A FEDERAL GOVERNMENT BACKGROUND INVESTIGATION TO RECEIVE IT.

Responsibilities

• Identification of Cybersecurity problems which may require mitigating controls.
• Analyze network traffic to identify exploit or intrusion related attempts.
• Recommend detection mechanisms for exploit and or intrusion related attempts.
• Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies.
• Escalate items which require further investigation to other members of the Threat Management team.
• Execute operational processes in support of response efforts to identify security incidents.
• Responsible for monitoring, reviewing, and responding to security alerts and incidents across multiple platforms including Microsoft Defender for Cloud Apps, Defender for Endpoint, Defender XDR, Defender for Office 365, Azure Entra ID, and Google Cloud Security Command Center (SCC). Duties include performing threat detection and analysis, investigating suspicious activity, coordinating incident response efforts, and implementing remediation actions.
• Participate in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements.
• Follow precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
• Follow strict guidance on reporting requirements.
• Keep management informed with precise, unvarnished information about security posture and events.
• Promote standards-based workflow both internally and in coordinating with CISA.
• Engage with other internal and external parties to get and share information to improve processes and security posture.
• Communicate to CISO leadership.
• The role also involves tuning security policies, maintaining visibility into cloud and endpoint environments, and supporting continuous improvement of the organization’s security posture.

Qualifications

• Bachelor's OR Master's Degree in Computer Science, Information Systems, or other related fields, or equivalent work experience.
• 3+ years of IT security experience.
• 2+ years of experience in network traffic analysis.
• Strong working knowledge of TCP/IP Fundamentals and Network Level Exploits.
• CERTIFICATIONS: (One or more required):
  • CompTIA Security+
  • CISSP - Certified Information System Security Professional
  • CEH - Certified Ethical Hacker
  • CISA - Certified Information Systems Auditor
  • CISM (Certified Information Security Manager)
  • GIAC (Global Information Assurance Certification)
  • RHCE (Red Hat Certified Engineer)
• Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies.
• Familiarity with IDS/IPS architectures, implementations, signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection.
• Prior Azure and GCP O365/Microsoft 365 experience.
• Excellent communication skills.
• Must be able to obtain a Position of Public Trust Clearance.
• Be able to pass a drug screening, criminal history, and credit checks.
• Must be a US Citizen or Green Card holder.
• Must have lived in the United States for the past 5 years.
• Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)