IMMEDIATE NEED FOR 2 Analysts
**** HOT – GO INTO OFFICE ONLY 1 or 2 Days a week MAYBE **** 100% Remote now!
The growing company, led by former Big 4 executives, is looking to hire several Level 2 SOC Analysts for a growing Incident Response group. The shift is Sunday through Wednesday, noon to 10pm.
The company allows you to work DIRECTLY with the owners and leadership and they will be upfront about what you need to do to grow. They respect work/life balance AND won’t have you chasing a moving target.
The IDEAL candidate currently works for a Big 4 firm or a large integrator and wants the opportunities listed above.
The role also comes with a Public Trust clearance.
You will be working in a 24x7x365 SOC environment, handling tickets escalated from Level 1 for alerts, notifications, and other incident activity, i.e. tracking, working with stakeholders, recovery, resolution, and reporting.
Main responsibilities will be on issue mitigation, recovery, and remediation once an attack has occurred.
SKILLS AND EXPERIENCE NEEDED
- MUST have the ability to obtain a security clearance (up to Top Secret if needed down the line)
- Experience with an EDR solution
- Strong experience vetting phishing emails
- Must have one of these certifications current: CISSP, GCIH, or CASP+
- Experience with cyber security incidents, anomaly analysis, log analysis, digital forensics, and common threat vectors, with the ability to read reports and determine what additional action and response activities are required to resolve an incident
- Experience with SIEM monitoring and analysis, network traffic analysis, and log analysis; able to prioritize and tell the difference between a potential intrusion and a false alarm
- Ability and experience following SOPs, policies, and other procedures for escalation, notification of Federal leadership, and reporting
- Experience with compliance or regulatory frameworks such as FISMA, NIST, and/or ISO
- Experience threat hunting
- Some understanding of enterprise networking and associated security tools (for example: firewalls, antivirus, HIDS, IDS/IPS, proxy, WAF) and of Windows and Unix/Linux systems operations
- A strong understanding of Splunk SIEM and associated forensic tools.