***No third-party candidates, corp-to-corp, H1-B will be accepted.***
Title: Security Operations Center Analyst
Location: Hybrid - 1 to 2 days in the office per week; must live in the Greater Phoenix, Arizona area.
Hiring Model: Full-time, 6-12 month contract, with the option to extend and/or convert to a permanent employee
The Client:
Our client was named among America's top 500 best large employers and was the only government agency to make this list. Our client operates multiple departments and has over 14,000 employees. Our client prides itself on supporting its citizens in one of the most desirable places to live and work.
About the Job:
The SOC Analyst will join the Security Operations Center team within the Information Security Office. The Information Security Office provides strategic oversight, direction, and coordination for the organization's information security and privacy programs. This position reports directly to the Security Operations Manager and is a key player in a growing SOC team, responsible for event analysis, escalation, response, remediation, and reporting.
Key Job Duties
- Provide response and remediation for escalated endpoint, email, network, and cloud-based threats.
- Identify advanced security vulnerabilities and attack techniques.
- Perform incident response for enterprise incidents.
- Detect weaknesses in networks and software using prescribed tools and coordinate mitigation strategies with stakeholders.
- Write and maintain incident response procedures and SOC playbooks.
- Mentor other SOC analysts.
Ideal Candidate
- Direct experience in security operations center work, network analysis, threat analysis, and/or intelligence analysis.
- Comprehensive understanding of vulnerability management and operational requirements.
- Direct experience in endpoint management (antivirus, scripting, patching, monitoring, etc.).
- Proficiency using scripting language tools.
- Direct experience with vulnerability management and threat prioritization tools.
- Direct experience with authentication in identity & access management, network application, database, and cloud security.
- Demonstrated knowledge of incident response methodologies and reporting.
- Direct experience using ticketing systems for tracking.
- Knowledge of information security attack methods and techniques.
- Knowledge of the TCP/IP protocol suite, security architecture, enterprise techniques/products, and the CIA triad.
- Knowledge and understanding of information technology industry trends and emerging technologies.
- Familiarity with breach laws and requirements, IT regulations, PCI, HIPAA, CJI, and other regulated data and privacy laws and standards.
- Proficiency in managing, configuring, and monitoring email security solutions.
- Demonstrable skills in managing and monitoring email data policies (DLP, incident management, etc.).
Preferred Qualifications
In addition to the minimum qualifications listed above:
- Direct work experience as a security, systems, or network administrator.
- Experience using ticketing systems for tracking.
- Cybersecurity certifications such as GCIA, GCIH, GPEN, GCFE, EnCE, or CCNA Cyber Operations.