Dover, DE - IT - DTI - Security Office - Information Security Analyst

Long term assignment most likely will be extended

Title:

Information Security Analyst 1

Max Bill Rate: ***

Onsite

We are seeking a highly skilled and motivated SOC Analyst to join our cybersecurity team. The successful candidate will be responsible for monitoring and analyzing security threats in real-time, identifying vulnerabilities, and responding to security incidents. This role requires strong technical skills, excellent analytical abilities, and the capacity to work effectively in a fast-paced environment.

• Security Monitoring:
  Continuously monitor network traffic, system logs, and other security tools to detect unusual or suspicious activities that could indicate an incident or vulnerability.
• Incident Detection and Response:
  Identify and categorize security incidents such as malware infections, data breaches, and insider threats. Respond swiftly to contain, mitigate, and resolve incidents.
• Alert Triage:
  Assess alerts generated by security tools, determine their severity, and prioritize responses accordingly.
• Threat Intelligence and Hunting:
  Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques to enhance monitoring and response efforts. Leverage these findings to conduct proactive threat hunting across SIEM and EDR platforms.
• Log Analysis:
  Examine logs from a range of sources including firewalls, intrusion detection systems, antivirus software, and system endpoints to identify irregularities that may signal a threat.
• Security Tool Management:
  Operate and manage security technologies such as SIEM systems, IDS/IPS, firewalls, PKI management, and endpoint security solutions.
• Documentation and Compliance:
  Maintain accurate records of security incidents and ensure compliance with industry standards and regulations.
• Collaboration:
  
  Work closely with other security and IT professionals to investigate and resolve security issues.
• Continuous Improvement:
  Contribute to refining security processes and developing new detection and prevention rules.

• Technical Proficiency:
  Strong understanding of IT basics, including operating systems, network protocols, and security tools.
• Hands-on Experience with Security Tools:
  Proficiency in using SIEM systems, IDS/IPS, firewalls, antivirus, and endpoint detection tools.
• Coding
  
  Skills:
  
  Knowledge of programming languages like Python or Power Shell for automating tasks and creating scripts.
• Forensics Knowledge:
  Basic understanding of computer forensics for incident investigation.
• Log Analysis:
  Ability to analyze logs to spot patterns and anomalies.
• Incident Response:
  Experience in responding to security incidents effectively.
• Threat Intelligence:
  Understanding of attack patterns and tactics used by cybercriminals.
• Communication:
  Excellent communication skills for reporting and collaboration.
• Problem-Solving:
  Strong analytical and problem-solving abilities.
• Adaptability:
  Ability to adapt quickly to evolving cyber threats.

• Education: Bachelor's degree or higher in Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience: Previous experience in a security-related role with a strong understanding of cybersecurity principles and technologies.
• Certifications: Relevant certifications such as CompTIA Security+ or equivalent are beneficial.