Center for Internet Security, Inc.

Sr. SOC Analyst - Endpoint Detection and Response - Relocation to Albany, New York

    Job Locations: US-Remote | US-NY-Albany
    ID: 2020-1162
    Category: Cybersecurity Operations
    Type: Regular Full-Time

    Overview

    The primary purpose of this position is to be a subject matter expert within the Security Operations Center (SOC) in the area of Endpoint Detection and Response (EDR) and assist in the completion and running of technical projects related to EDR. This position will also serve as a resource and point of contact for SOC Analysts during and after their initial training for questions and assistance related to EDR monitoring. This position will also coordinate and report on cyber incidents impacting State, Local, Tribal and Territorial (SLTT) governments. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work. 


    This position is based in our 24/7 SOC in the Albany, New York area. We offer relocation assistance to qualified candidates.

    What You'll Do

    • Responsible for working in a 24x7 SOC environment
    • Provide analysis support for host-based security events and trending of security log data from a large number of heterogeneous endpoint systems
    • Act as a subject matter expert in endpoint security, endpoint detection and response (EDR) technologies, and EDR analysis
    • Investigate, document, and report on information security issues and emerging trends
    • Integrate and share information with other analysts and other teams
    • Perform tasks independently with minimal oversight
    • Work on special tasks and long-term projects
    • Provide training and support for SOC Analysts
    • Report on complex issues and analysis
    • Research and draft products on emerging security issues
    • Other tasks and responsibilities as assigned

    What You'll Need

    • Bachelor's degree in related field or equivalent demonstrated experience and knowledge*
    • 3+ years’ experience as a Security/Network Administrator working with EDR technologies or 3+ years’ experience as an Analyst in an Operations Center working with and monitoring EDR technologies
    • Demonstrated experience in various security methodologies and processes, and technical security solutions
    • Demonstrated experience in analyzing network and host-based security events
    • Demonstrated experience working on technical projects, both independently and as a member of a team
    • Knowledge of incident response life cycle and steps
    • Knowledge of TCP/IP Protocols, network analysis, and network/security applications
    • Knowledge of common Internet protocols and applications
    • Strong time management, attention to detail, and professional and interpersonal skills
    • Excellent communication and customer service skills (written and verbal)
    • The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions
    • Must be authorized to work in the United States

    *Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.


    It's a Plus if You Have:

    • Network+, Security+, CCFR, CCFH, or other related certifications preferred
    • Working knowledge of MITRE ATT&CK framework
    • Experience in an incident response or incident handler position
    • Experience in computer forensics and malware reverse engineering
    • Experience training junior team members
