Cybersecurity Analyst – Tier 2 (On-Site)

About The Position

Requirements

• 3 years of experience supporting incident response in an enterprise-level Security Operations Center (SOC)
• Bachelors degree in computer science, cybersecurity, information technology or related field
• Must have or be willing to obtain one of the following certifications: GIAC Certified Incident Handler, EC-Council's Certified Incident Handler (E|CIH), GIAC Certified Incident Handler (GCIH), Incident Handling & Response Professional (IHRP), Certified Computer Security Incident Handler (CSIH), Certified Incident Handling Engineer (CIHE), EC-Council's Certified Ethical Hacker
• Above average understanding of cybersecurity principles and incident response methodologies
• Strong experience with security technologies (e.g., Security Information and Event Management (SIEM), Intrusion Detection System/Intrusion Prevention System (IDS/IPS), Endpoint Detection and Response (EDR), network monitoring tools)
• Experience with enterprise ticketing systems (e.g., ServiceNow)
• Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions
• Ability to learn and function in multiple capacities
• Ability to be proactive in a high-pressure environment to ensure SOC operates effectively
• Excellent analytical and problem-solving skills
• Excellent verbal and written communication skills
• Ability to work third shift (10:30PM ET - 7:00AM ET) to support 24/7 cybersecurity operations
• Ability to obtain/maintain a Federal Civilian Public Trust
• U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years

Responsibilities

• Performs real-time monitoring and triage of security alerts in Cybersecurity toolsets including SIEM and EDR
• Makes accurate determination of what alerts are false positives or require further investigation and prioritization
• Leads and actively participates in the investigation, analysis, and resolution of cybersecurity incidents
• Analyzes attack patterns, determines the root cause, and recommends appropriate remediation measures to prevent future occurrences
• Ensures accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned
• Collaborates with knowledge management teams to maintain up-to-date incident response playbooks
• Collaborates effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators
• Communicates clear technical information and incident-related updates to management and stakeholders
• Identifies and actions opportunities for tuning alerts to make the incident response team more efficient
• Monitors the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy
• Leverages Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions
• Supports the mentoring and training of more junior incident response staff
• Stays informed about the latest cybersecurity threats, trends, and best practices
• Participates in cybersecurity exercises, drills, and simulations to improve incident response capabilities

Benefits

• Medical, dental, vision and prescription drug coverage for you and your family.
• Life Insurance, short-term disability and long-term disability paid for by the Company.
• Supplemental coverages including Accident, Critical Illness, and Hospital.
• Additional Life insurance coverage for you and your dependents.
• 401k plan with various options to select based on your retirement goals.