Vacancy expired!
Overview
The Squires Group has a contract opportunity for a Mid-Level SOC Analyst on a Federal Program in Chandler, AZ. We have teamed with this award-winning global integrator for more than 20 years. They work with the most cutting-edge technology, with the end goal of helping defend our nation. In this role, you will be part of a team that monitors and analyzes network traffic, Intrusion Detection Systems (IDS), security events, and logs. This position is for the overnight shift. Per our Federal Government Contract, candidates must have an Active Secret clearance.
Responsibilities
- Prioritize and differentiate between potential intrusion attempts and false alarms
- Develop, maintain, and follow SOC Standard Operating Procedures (SOPs)
- Review large data sets for anomalous activity
- Create detective content for monitoring devices such as IDS and SIEM and advise on proactive blocks for security architecture
- Compose security alert notifications and other communications
- Advise incident responders on the steps to take to investigate and resolve computer security incidents
- Stay up to date with current vulnerabilities, attacks, and countermeasures
- Bachelor's Degree
- 1+ years of experience and knowledge of the following:
- Working on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or a Security Operations Center (SOC)
- With Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools, and other security tools found in large network environments; along with experience working with Security Information and Event Management (SIEM) solutions
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages
- CEH Certification (can be obtained within 6 months of start date)
- Per our Federal Government Contract, candidates must have an Active Secret clearance
- SEC+
- CYSA+
- Related SANS certifications (GCFA or GCIH is preferred)
- CISSP