Job Description: Binary Defense Systems (BDS) has open positions for incident responders and network security monitoring analysts in a 24x7x365 Security Operations Center (SOC). Responsibilities will include, but not be limited to, network security analysis, monitoring and incident response.
Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events. Candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem-solving skills and allow for flexible scheduling.
The SOC Analyst will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations. The SOC Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. The SOC Analyst should be familiar with the principles of network and endpoint security and with current threat and attack trends, and have a working knowledge of security principles such as defense in depth.
The SOC Analyst must be competent to work at a high technical level and be capable of identifying the threats and threat vectors that cause security events.
Shift: 12:00 pm - 12:00 am / 12:00 am - 12:00 pm, 4 days on, 4 days off
Performs network security monitoring and incident response for numerous clients. Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies. Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) platforms to identify security issues for remediation. Creates, modifies, and updates SIEM rules. Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information. Evaluates and deconstructs malware (e.g. obfuscated code) using open-source and vendor-provided tools. Communicates alerts to clients regarding intrusions and compromises of their network infrastructure, applications and operating systems. Prepares briefings and reports of analysis methodology and results. Creates and maintains standard operating procedures and other similar documentation. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary and open-source resources to provide indications and warnings of impending attacks against unclassified and classified networks. Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
QUALIFICATIONS, EDUCATION and CORE COMPETENCY REQUIREMENTS:
0-2 years of related experience in information technology and/or information security preferred. Willingness to learn and continually improve skills to ensure the success of the business and its objectives. Candidates must be able to work a flexible schedule within a 24x7x365 Security Operations Center (SOC) environment and may be expected to work holidays. A good candidate should have some or all of the following traits: excellent analytical and problem-solving skills, as well as the interpersonal skills to interact with customers, team members and upper management; an understanding of cyber security incident response and network security monitoring; a fundamental understanding of computer networking (TCP/IP), knowledge of Windows, Linux and Cisco operating systems, and information security; knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; familiarity with ArcSight, Splunk, LogRhythm, QRadar, antivirus, firewalls, Sourcefire and similar tools preferred.
Job Type: Full-time