Tier 1 Security Analyst

Description:
Onsite in Anaheim, CA

Our client seeks a Tier 1 Security Analyst to monitor, alert, respond, and report on cyber threats targeting critical assets, systems, and data. The analyst will operate in a 24x7 SOC environment with shift rotations, perform event monitoring, incident triage, and vulnerability management, and support threat intelligence and automation initiatives. The role requires foundational SOC experience with SIEM, EDR, and email security tools, sound incident response knowledge, and strong interpersonal skills.

This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $25.00 to $29.00/hr. w2

Responsibilities:

• Proactively monitor security events for networks and systems.
• Identify, investigate, and report on potential security incidents.
• Support risk and vulnerability assessments at the network, system, and application levels.
• Support cyber metrics development, maintenance, and reporting.
• Support cyber threat intelligence development and reporting.
• Identify, develop, and implement routine automation tasks.
• Assist in developing and implementing security controls and operational risk mitigations and support security awareness programs.
• Support a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Research, evaluate, and recommend new security tools, techniques, and technologies aligned with security strategy.
• Use COTS/GOTS and custom tools and procedures to scan, identify, contain, mitigate, and remediate vulnerabilities and intrusions.
• Assist in implementing required government policy such as NIST and recommend process tailoring.
• Perform analyses to validate established security requirements and recommend additional safeguards.
• Periodically review system audits and monitor corrective actions until closure.
• Provide briefings to senior staff as needed.
• Adhere to SOC Standard Operating Procedures in a 24x7 environment with shift rotations, weekends, and some holidays.

Experience Requirements:

• Experience analyzing security alerts using a SIEM such as Microsoft Sentinel or equivalent.
• Timely response experience with O365 and Proofpoint email alerts and EDR alerts in CrowdStrike.
• Working knowledge of the incident response lifecycle: identification, protection, detection, response, and recovery.
• Proficiency with programming or scripting such as Python, C++, or JavaScript.
• Hands-on experience with SIEM technologies.
• Experience with IDS/IPS, firewalls, and anti-virus/anti-malware technologies.
• Incident response experience.
• Vulnerability management experience.
• Ability to handle multiple tasks and strong interpersonal skills.

Education Requirements:

• Bachelor's degree in a related field; additional experience may substitute for education.
• Security+, GIAC Security Essentials (GSEC), or similar industry-related certification(s).