CSOC Tier 1 Analyst

CSOC Tier 1 Analyst - Day ShiftQty: 1Desired Start Date: 8/7/2023.End Date: 9/30/2024.Hrs/Wk: 40.00Clearance Level: Public TrustThe hours and the days off for this position are:Days off: Saturday-SundayHours: 8:00 am- 4:00 pmKey Responsibilities:The Tier 1 Information Security Analyst role involves conducting basic threat detection and incident response activities to maintain client's security posture. Actively monitor and investigate security alerts to detect malicious activitiesProvides initial triage for discovered issues, escalates as needed, and contributes to larger incident response efforts when requiredIdentification of Cybersecurity problems which may require mitigating controlsAnalyze network traffic to identify exploit or intrusion related attemptsRecommend detection mechanisms for exploit and or intrusion related attemptsProvide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologiesEscalate items which require further investigation to other members of the Threat Management teamExecute operational processes in support of response efforts to identified security incidentsWorks collaboratively as a team member in a dynamic environment and must also possess excellent analytical, communication, and problem-solving skills. A high level of confidentiality and professionalism is required.Participates in process improvement initiatives to continuously enhance the security posture of clientJob responsibilities will include:Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements. Follow documented procedures to properly triage and respond to identified malicious activity, such as escalation or remediation actions.Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etcFollows strict guidance on reporting requirementsKeeps management informed with precise, unvarnished information about security posture and eventsPromotes standards-based workflow both internally and in coordinating with US-CERTEngages with other internal and external parties to get and share information to improve processes and security postureGuide team effortsCommunicates to CISO leadershipLeads analyzing/investigating reports or anomaliesParticipate in internal meetings, such as shift turn over, team meetings, etc. to collaborate with the fellow team members and perform knowledge transfer.Requirements:Must be eligible to obtain a sensitive clearance - Position of Public Trust - and may be required to obtain a higher security clearancePreferred 2+ years IT security experiencePreferred 1+ years' experience in network traffic analysisStrong working knowledge of:TCP/IP FundamentalsNetwork Level ExploitsExcellent oral and written communication skillsExcellent interpersonal and organizational skillsStrong understanding of IDS/IPS technologies, trends, vendors, processes and methodologiesStrong understanding of common IDS/IPS architectures and implementationsStrong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detectionDesired Skills:Splunk experience, developing queriesCloud monitoring experience is a plusExcellent writing skillsRequired Education:Two years of related work experience may be substituted for each degree-level education.Certifications (one or more desired):Comp TIA Security+Additional Provisions:Must be able to obtain a Position of Public Trust ClearancePass both a client mandated clearance process to include drug screening, criminal history check and credit check.Once candidate's resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.All candidates must be a US Citizen, or have permanent residence status (Green Card).Candidate must have lived in the United States for the past 5 years.Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)All overtime must be pre-approved in writing by the client manager or his/her designated representative.Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.The enforced dress code is business casual, i.e. collared shirt with slacks for men, no skirts above the knee for women. ABBTECH is an EOE/Minorities/Women/Disable Individuals/Veterans