Network Security Monitoring Analyst
Location: Remote
Required Clearance: Public Trust
Since 1999, ITEC has delivered mission-critical support to the DoD and Intelligence Community. Now part of ManpowerGroup Public Sector (MGPS), we continue that work with expanded capabilities. Employees hired through this process will join MGPS and receive a comprehensive benefits package and competitive pay.
U.S. Citizenship Mandatory: Due to our US federal government contract, candidates for this position are required to be a US Citizen and will be subject to a background investigation.
Job Description:
The Network Security Monitoring Analyst is a vital member of the Security Operations Center (SOC), serving as the first line of defense against cyber threats. This role involves continuous monitoring of security systems, analyzing alerts, identifying potential incidents, and responding swiftly to mitigate risks. Analysts leverage a variety of security tools, threat intelligence, and established procedures to maintain a strong security posture. This role requires a blend of technical expertise, analytical thinking, strong communication skills, and a commitment to continuous learning.
Job Responsibilities:
- Continuous Monitoring: Actively monitoring security systems, including SIEM (e.g., Splunk, Microsoft Sentinel), IDS/IPS (e.g., Snort, Suricata), EDR (e.g., CrowdStrike Falcon, SentinelOne), firewalls, and other security devices, for suspicious activity.
- Alert Triage and Analysis: Reviewing and analyzing security alerts, distinguishing between true threats and false positives, and prioritizing incidents based on severity.
- Incident Response: Participating in incident response activities, including incident triage, containment, eradication, and recovery, following established incident response procedures.
- Log Analysis and Correlation: Analyzing security logs from various sources to identify patterns, anomalies, and potential security incidents.
- Threat Intelligence: Utilizing threat intelligence feeds to stay informed about emerging threats and vulnerabilities and incorporating threat intelligence into security monitoring and incident response.
- Documentation and Reporting: Creating detailed reports of security incidents, documenting incident timelines, actions taken, and lessons learned.
- Security Tool Management: Assisting in configuring, maintaining, and tuning security tools.
- Compliance: Contributing to compliance efforts by adhering to relevant security policies, standards, and regulations (e.g., NIST/FISMA).
- Collaboration: Working closely with other SOC analysts, incident responders, and IT teams to ensure effective security operations.
- Continuous Learning: Staying up to date with the latest cybersecurity threats, vulnerabilities, and technologies.
Required Skills:
- Bachelor's degree in computer science, information technology, or a related field (or equivalent experience).
- Proven experience in a SOC or related security environment.
- Strong understanding of networking concepts and protocols (TCP/IP, DNS, HTTP, etc.).
- Proficiency in using SIEM tools (Splunk).
- Familiarity with IDS/IPS, EDR, and other security technologies.
- Basic to intermediate knowledge of scripting languages (Python, Bash) for automation.
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork skills.
- Ability to work in a fast-paced, 24/7 environment.
- Knowledge of common operating systems (Windows, Linux, macOS).
- Knowledge of cloud security concepts.
- Relevant certifications (Security+, CompTIA CySA+, CEH, etc.) are a plus.