Benefits:
- 401(k)
- 401(k) matching
- Competitive salary
- Dental insurance
- Employee discounts
- Flexible schedule
- Health insurance
- Paid time off
- Vision insurance

InfoSight is growing and is in search of Security/Network Operations Center (S-NOC) Tier 1 Analysts for their 24x7x365 Security/Network Operations Center environment.
The SNOC Tier 1 Analyst must be willing to work in our 24x7x365 Security Operations Center, work some holidays and allow for flexible scheduling.
Primary responsibilities include monitoring network traffic for security events and performing triage analysis to identify security incidents.
In addition, Tier 1 Analysts are expected to respond to computer security incidents by collecting, analyzing, and preserving digital evidence and ensuring incidents are recorded and tracked in accordance with SNOC requirements.
The SNOC Tier 1 Analyst will work closely with other teams to assess risk and provide recommendations for improving our clients' security posture.
Job Duties and Responsibilities:
- Monitor network traffic for security events and perform triage analysis to identify security incidents
- Respond to computer security incidents by collecting, analyzing, and preserving digital evidence and ensure that incidents are recorded and tracked in accordance with SOC requirements
- Perform network security monitoring and incident response for a large organization
- Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies
- Monitor and analyze Security Information and Event Management (SIEM) to identify security issues for remediation
- Knowledge of creating Security Information and Event Management (SIEM) rules
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
- Recommend changes to Standard Operating Procedures and other similar documentation
- Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
- Day-to-day systems management, administration, and monitoring
- Oversee and maintain a high level of quality service and participate in monitoring and status reporting
- Utilize various network tools for monitoring and testing the network and its devices
- Perform various tasks associated with migrating test applications to the production environment
- Participate in data and physical integrity controls for SNOC
Qualifications (Education, Experience and Certifications):
- One or more years' experience working with SIEM and background in security incident response, system operations and threat intelligence
- CompTIA Security+/Network+, CCNA, SANS GSEC, GCIH, GCIA
- Associate's degree or higher in Cybersecurity or IT-related field preferred

Knowledge, Skills, and Abilities:
- Knowledge of incident response, vulnerability management, security intelligence, and the operation of advanced security tools
- Ability to diagnose a networking failure that results in unavailable service to the customer and ability to take appropriate steps to correct it
- Working knowledge of any of the following: Splunk, Microsoft Azure, Microsoft Sentinel, AWS EC2, Palo Alto or other enterprise-grade network infrastructure
- Ability to handle multiple competing priorities in a fast-paced and high-pressure environment
- Ability to work effectively with technical and non-technical business users
- High level of verbal and written communication skills
- Knowledge of operating systems
- Ability to deal courteously with all customers
Compensation/Benefits:
- Starting salary based on experience
- Comprehensive benefits package, including health, dental, life, & vision insurance, paid PTO, traditional 401(k) Retirement Plan with matching, Education Reimbursement, and more