Cybersecurity Specialist - SOC & SIEM

Overview

We are seeking a highly motivated and detail-oriented Cybersecurity Specialist specializing in Security Operations Center (SOC) and Security Information and Event Management (SIEM) to join our dynamic cybersecurity team. In this role, you will be responsible for monitoring, analyzing, and responding to security threats across our IT infrastructure, ensuring the integrity and confidentiality of our systems. Your expertise will help safeguard our organization against cyber threats through proactive threat detection, incident response, and vulnerability management.

This position offers an exciting opportunity to work with cutting-edge security tools and contribute to a robust security posture in a fast-paced environment.

• Monitor network traffic, logs, and alerts using SIEM platforms such as Splunk or similar tools to identify potential security incidents.
• Conduct threat detection & response activities by analyzing security events, identifying vulnerabilities, and escalating incidents as necessary.
• Implement and manage security controls including firewalls, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems), and VPNs to protect network infrastructure.
• Perform vulnerability assessments and research to identify weaknesses within IT infrastructure, including LAN/WAN networks, Cisco routers, Cisco ASA firewalls, and cloud environments like AWS or Google Cloud Platform.
• Develop and maintain system security plans aligned with standards such as NIST standards, ISO 27000 series, PCI DSS, FedRAMP, and FISMA compliance requirements.
• Support incident recovery efforts by participating in incident management processes utilizing ITIL best practices and disaster recovery procedures.
• Collaborate with network engineering teams on network architecture design involving routing protocols like OSPF, BGP, MPLS; network protocols such as TCP/IP, DNS, DHCP; and network support activities including load balancing and high availability configurations.

• Strong understanding of computer networking concepts including LAN/WAN architecture, routing protocols (OSPF, BGP), IPsec VPNs, Ethernet, VLANs, and network installation.
• Hands-on experience with SIEM tools such as Splunk or similar platforms for log analysis and threat detection & response.
• Proficiency in configuring and managing firewalls (Cisco ASA), IDS/IPS systems, Cisco ISE for identity & access management; familiarity with GPOs (Group Policy Objects).
• Knowledge of operating systems including Windows Server environments, Linux distributions (Debian, CentOS, Ubuntu), macOS, and BSD variants like Solaris or open
  
  SUSE.
• Expertise in system hardening techniques using tools like SELinux; understanding of system security plans; experience with cloud computing platforms such as AWS or Azure.
• Familiarity with vulnerability management tools for vulnerability assessment & research; experience with vulnerability frameworks like MITRE ATT&CK is a plus.
• Ability to perform incident response activities effectively while adhering to cybersecurity standards such as NIST SP 800-53 or ISO 27001; knowledge of threat intelligence gathering.
• Skills in scripting languages such as Python or Bash for automation; experience with Dev Ops practices including CI/CD pipelines is advantageous.
• Strong analytical skills combined with excellent communication abilities to document findings clearly and collaborate across teams effectively.

Pay: $60.00 - $65.00 per hour

Work Location:

In person