SOC Cyber Detection & Response (CDR) Analyst

About The Position

Requirements

• At least one year of full-time or equivalent part-time experience in information technology security.
• An Associate's degree in a related field may substitute for the required experience.

Nice To Haves

• Knowledge of SIEM (Security Information and Event Management) Splunk.
• Familiarity with cloud computing (AWS/AZURE/GCP).
• Knowledge of TCP/IP, VLANs, computer networking, routing, and switching.
• Familiarity with IDS/IPS, penetration and vulnerability testing.
• Understanding of network protocols and packet analysis tools.
• Familiarity with Windows and Linux operating systems.
• Understanding of Proofpoint and other email security tools.
• Security certifications desired but not required.
• Experience with EDR Tools, particularly Palo Alto Cortex.

Responsibilities

• Manage day-to-day security monitoring and incident response activities, including SIEM monitoring and Endpoint Detection and Response.
• Assist in detection and incident response functions, including Security Incident Reporting tickets and customer notifications.
• Conduct and participate in cybersecurity incident simulation exercises at various levels.
• Monitor and respond to anomalous Internet, Extranet, and Intranet activity based on credible threat intelligence.
• Collaborate with EOTSS customer organizations and EDR vendors for software testing and status reporting.
• Develop and deliver cybersecurity education and awareness initiatives for state government.
• Review third-party alerts to maintain situational awareness of security issues affecting Commonwealth agencies.
• Conduct research into new threats that may impact Commonwealth agencies and local entities.
• Promote security awareness through phishing campaigns and overall security awareness programs.
• Prepare security reports for management utilizing enterprise security tools.

Benefits

• Comprehensive employee benefits package including health insurance, retirement plans, and paid time off.