No longer accepting applications!!
Role/Title OCTO - SOC Analyst Tier 1 (728006)
Rate $40/hr on 1099
Work Authorization G.C. holders | US Citizens only
OCTO’s CityWide Information Security Team (CWITS) is looking for a Tier 1 SOC Analyst to work onsite at 200 I ST, SE 4 days a week with 1 day of telework. This role is responsible for monitoring the Security Operations Center by responding to alerts, notifications and communications, and for providing incident response activities such as tracking the incident, communicating with stakeholders, performing remediation and recovery actions, and reporting on security incidents. The analyst follows standard operating procedures for detecting, classifying, and reporting incidents under the supervision of Tier 2 and Tier 3 staff.
Responsibilities
- Perform real-time monitoring of internal information technology security equipment and systems to determine operational status and performance, making use of various Security Incident and Event Management (SIEM) tools, SOAR platforms and other related security management/console applications, such as network traffic and data analytics.
- Analyze both raw and processed security alert and event data to identify potential security incidents, threats, mitigations, and vulnerabilities.
- Support follow-on actions, such as coordinating with other organization teams to facilitate remediation of the alert/event/incident, and close out the investigation.
- Perform initial alert/event/incident triage used for investigation.
- Initiate incident notification, case tracking/management, recovery actions, and report status updates.
- Perform incident response analysis uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods.
- Coordinate process and procedure actions with geographically separated team members.
Incident Response
- Support and develop reports during and after incidents, which include all actions taken to properly mitigate, recover and return operations to normal.
- Participate in the remediation of incidents and responses that are generated from live threats against the enterprise.
- Coordinate and provide technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
- Assist in real-time cyber defense incident handling tasks (e.g. forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) to support deployable Incident Response Teams (IRTs).
Compliance
- Understand, enforce, and adhere to the company policies and procedures.
- Have read and understood the Information Security Policy and supporting procedures, and do not hinder in any way the proper execution of the procedures defined within.
- Understand and abide by our non-disclosure and confidentiality agreements.
Desired Background
- Bachelor’s degree in Computer Science, Engineering, Information Technology or Cyber Security, or equivalent experience in Cyber/IT roles (SOC experience preferred, but not required).
- Cyber Security certifications such as CompTIA Security+ preferred.
- Excellent written and oral communication skills.
- Self-motivated and able to work in an independent manner.
- Expertise in implementing, administering and operating information security technologies such as firewalls, IDS/IPS, SIEM, antivirus, network traffic analyzers and malware analysis tools.
- Advanced experience with scripting and tool automation such as Perl, PowerShell and regular expressions.
- Develops, leads, and executes information security incident response plans.
- Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
- May also leverage dynamic and static code assessment tools to measure the vulnerability of applications throughout the SDLC.
Minimum Education/Certification Requirements
- BS Degree in IT, Cybersecurity, or Engineering, or equivalent experience.