Vacancy expired!
Junior Security Threat Analyst - SOC/CERT
TX, San Antonio 78201
Security Clearance: U.S. Citizen, Current Security Clearance, Secret
Skills: Cyber Engineer, Automation, SOC, CSIRC, CERT, CIRT, Threat Hunting, Signature Development, Vulnerability Scanning

Security Threat Analyst - Junior
San Antonio, TX 78201

We are seeking junior-level Cyber Analysts/Threat Hunters/Cybersecurity Engineers to support a DoD Secure Operations Center (SOC) supporting IT modernization activities and migrating applications to the cloud. Qualified candidates will have experience and working knowledge of cyber analysis and experience supporting a data center environment. Prior experience in a SOC, CSIRC, CERT, or CIRT operations environment is required. Experience working with the military and leveraging artificial intelligence and automation to optimize infrastructure processes is a plus.

Location Note: Work is based in San Antonio; relocation support will be considered.
Travel Note: Some future travel may be required (estimated less than 5%).

Role and responsibilities include:
- Troubleshoot and resolve software, operating systems, and network problems identified in vulnerability scans
- Monitoring dashboards and intrusion detection and prevention systems (IDS/IPS)
- Performing initial analysis and investigation into alerts as they are seen (to include anti-virus and phishing alerts)
- Performing initial malware analysis utilizing automated means
- Incident intake, ticket updates and reporting of cyber events
- Use SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents
- Monitor system backups and, when necessary, perform data recoveries
- Perform vulnerability scans
- Support proactive security measures and threat hunting activities
- Utilize signature-based detection methods as part of comprehensive cyber hygiene procedures
- U.S. citizenship
- Current security clearance (Secret at a minimum)
- Bachelor's degree in a related discipline is preferred; related experience will be considered in lieu of a degree
- 2-5 years of systems administration/network administration experience including cyber analysis
- 6 months minimum of overall experience must be working in a Security Operations Center (SOC) environment or related environment such as a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), or Computer Security Incident Response Center (CSIRC)
- Experience supporting network security and cyber security in a DoD environment
- Experience using signature-based technologies to detect signature development and sophisticated cyber threats is a must
- Experience using threat hunting tools and hunting threats for signatures and/or threat intelligence indicators is a must
- Experience performing vulnerability scans is a must
- Experience using SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events and indications of incidents
- Experience monitoring Antivirus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments
- Experience working with Security Information and Event Management (SIEM) solutions is a plus
- Familiarity with various network and host based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages
- Host based forensics and malware analysis experience
- Previous experience working in a large government or corporate enterprise environment
- Ability to learn new application functionality quickly while launching, configuring, and managing applications
- Troubleshooting expertise and the ability to find solutions to complex problems with limited to no guidance
- Ability to work with others to develop and execute plans daily that identify key blockers and determine best actions to eliminate issues
- General Linux experience at the intermediate level is desired
- General Windows experience at the expert level is desired
- Ability to support business travel, if requested