Our client is seeking a Security Operations Center (SOC) Analyst who plays a critical role in safeguarding the State of Nebraska's digital assets by actively monitoring, analyzing, and responding to security incidents. This position requires a keen understanding of cybersecurity principles, threat detection, and incident response, as well as strong analytical skills to identify and mitigate security threats in real time. As a member of the Information Security Team, this in-person position requires the person to be on call.
Responsibilities:
- Monitor and triage security alerts and events from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Conduct in-depth analysis of security events to identify potential security incidents or breaches.
- Investigate and triage security alerts, determining the threat's scope, impact, and severity.
- Aid in developing and maintaining standard operating procedures (SOPs) for incident detection, response, and escalation.
- Collaborate with cross-functional teams to resolve security incidents and implement appropriate countermeasures.
- Perform threat-hunting activities to proactively identify and mitigate emerging threats.
- Maintain and update security tools and technologies to ensure optimal performance and effectiveness.
- Provide timely and accurate reports on security activities, trends, and metrics to leadership and stakeholders.
- Participate in security awareness training and education programs for staff members to enhance cybersecurity awareness and best practices.
- Stay current with industry trends, emerging threats, and security technologies to continuously improve SOC capabilities.
Requirements:
- Associate degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 2 years of experience working in a security operations center or similar role.
- An associate's degree with a minimum of 4 years of experience is also accepted.
- Strong understanding of cybersecurity principles, the threat landscape, and attack vectors.
- Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and threat intelligence platforms.
- Experience with incident response procedures, including incident triage, containment, eradication, and recovery.
- Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
- Excellent analytical and problem-solving skills, with the ability to analyze large datasets and identify anomalies.
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
- Relevant certifications such as CompTIA Security+ and Certified Information Systems Security Professional (CISSP) are helpful.
- Ability to work effectively in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents.
Must be able to pass background checks and employment screenings.