Job Description
*****MUST BE US CITIZEN*****
*****SUBMISSION OF MORE THAN 43HR WILL NOT BE CONSIDERED*****
*****MUST BE RELIABLE, SHOW INITIATIVE, AND BE FLEXIBLE TO WORK EITHER 8AM-8PM AND/OR 8PM-8AM SHIFTS EST*****
*****CYBERSECURITY EXPERIENCE, EXCELLENT COMMUNICATION SKILLS, STRONG ATTENTION TO DETAIL, AND ABILITY TO READ AND FOLLOW WRITTEN INSTRUCTIONS ARE ESSENTIAL*****
6-12 month Contract to Hire
Lumen is seeking a SOC Cyber Analyst. This is an entry to mid-level position in Cyber Security targeted toward individuals with 0-3 years of experience. Educational and personal experience with network/systems administration and/or information security-related work is necessary.
Responsibilities:
SOC Analysts are responsible for monitoring and maintaining systems used in our internal security program. This includes following procedures to triage and investigate security alerts and phishing emails, and escalating issues as necessary. SOC Analysts have opportunities for mentorship from more senior members of the team, involvement with maturing procedures, evaluating new security technologies, incident response, and the freedom to try out new ideas and technologies to improve the SOC.
Duties:
Performs network security monitoring, security event triage, and incident response for a mid-size organization; coordinates with other team members and management to document and report incidents
He/she will be part of rotating SOC shifts supporting 24/7 coverage. Nights and weekends can be performed remotely after sufficient training and familiarization.
Maintains records of security events investigated and incident response activities utilizing case management and ticketing systems
Monitors and analyzes Intrusion Detection Systems (IDS), Security Orchestration, Automation and Response (SOAR) alerts, and Security Information and Event Management (SIEM) to identify security issues for remediation
Makes recommendations; creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) tool rules
Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets
Take on Security Operations responsibilities when not on a SOC shift. This includes, but is not limited to, vulnerability scanning
Apply and retain learned knowledge across key lines of business, including products, practices, and procedures
Attend and fully engage in team and customer meetings
Become a deep technical resource that earns our customers' trust
Innovate on behalf of customers; translate your thoughts into action, yielding measurable results
This is a customer-facing role in a hybrid delivery model
Other continuous education and training in the security field
REQUIRED:
1-3 years of professional work experience in Security Operations/Security (SOC)
Experience working with common security tools and products:
Ability to work in a team environment with a proven history of being able to collaborate successfully with team members.
Knowledge of Runbooks, Playbooks, and following Standard Operating Procedures
Strong analytical skills to define risk, identify potential threats, and develop an action/mitigation plan
Strong interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats
Strong written and verbal communications skills with an ability to present technical risks and issues to non-technical audiences
Proven ability to multitask, thrive, and prioritize responsibilities in a fast-paced environment
BS/BA degree in Computer Science, Information Systems, or related discipline, or equivalent experience
Desired:
Firewalls (e.g. Palo Alto Networks, Check Point, Cisco ASA, Juniper SSG, pfSense, etc.) is a plus
Log Management and SIEM (e.g. Splunk, IBM QRadar, HP ArcSight) is a plus
Network Analysis Tools (e.g. NetWitness, Wireshark)
Analyzing Phishing Emails is a plus
Endpoint Security (e.g. Carbon Black Enterprise Protection, Carbon Black Enterprise Response, Symantec, McAfee, Forefront)
Various Open-Source security and networking tools (MRTG, Sysinternals, WhatsUp Gold)
System Analysis and Forensic Tools (e.g. FTK, EnCase) are a plus
SOAR Platforms (e.g. Siemplify, Resilient) are a plus
Linux OS and scripting skills. OSX and Windows skills are a plus
Cyber Security Certifications: Security+, CySA+, CASP, SANS GIAC Certifications (GCIH, GPEN, GSEC, etc.) are a plus