IT Security 2 (General Analyst)

IT Security 2 (General Analyst) Description: a. The IT Security General Analyst support the Security Operations Control Center (SOCC). The SOCC is a 24/7/365 operation that requires shift rotations, weekend, after hours, or on-call support to meet program requirements. Responsibilities a. Responsible for Tier 1 security configuration hardening, incident detection/ investigation and reporting to management and customer security contacts. b. Monitor security events to identify anomalies for possible incidents within the network. c. Manages Security Information and Event Management (SIEM) infrastructure and applications, including workflow management, threat hunting assignments, threat intelligence ingests, rule/alert creation and operational maintenance. d. Use developed skills, tools, and external resources to validate security related events to determine validity, exposure or false positive conditions. e. Ability to retrieve, correlate and analyze event history, configuration files and system logs to assess presence of anomalous events. f. Produce time-critical, technical reports to management outlining incident and potential mitigation. g. Communicate with SOC and Network Operations Center (NOC) staff about potential incidents, indicators and/or warnings. h. Troubleshoot and effect restoration of service-impacting issues affecting customer VPN performance. i. Handle trouble calls from customers and internal network users. j. Apply baseline security configurations to network equipment to harden or update to meet approved requirement baselines. k. Ability to provide on-call support on a rotational basis as needed on weeknights and weekends. l. Ability to work in a fast-paced operational environment to maintain availability and resiliency of network security services to customers. Required Qualifications: a. Bachelor's degree in IT or related field, and minimum 2 years related experience; or Masters' degree in IT or related field. b. Minimum of (1) years' experience in the Information Security field. c. Minimum of (1) years' experience in the network engineering fields (Firewalls, Routers, Switches, VPN). d. Ability to obtain a Public Trust Clearance - e. Ability to work onsite at Company offices located in Melbourne, Florida. Remote work is not possible. f. Ability to support on call schedule rotations. On call requires this candidate to report onsite with a response time of one hour maximum. g. Ability to support shift rotations and different schedules which may include day, weekend, evening, or overnight shifts. h. Ability to travel to disaster recovery site and support as needed. Preferred Additional Qualification: a. Understanding of various Operating Systems (e.g., Windows, Linux, etc.). b. Understanding of system logs and be familiar with log analysis. c. Understanding of predominant cyber-attack vectors (Buffer Overflow, Phishing, etc.). d. Information Security Operations Center analyst experience. e. CompTIA Security Certification or equivalent certification preferred. f. Understanding of system vulnerabilities and exploitation. g. Understanding of vulnerability mitigation. h. Knowledge of SIEM functions threat hunting, correlation of events, dashboard creation, metrics development, and creating alerts based on threat intelligence and other Indictors of Compromise (IOC)s. i. Strong written and oral communication skills, be self-motivated and a self starter, maintain a curiosity and desire to learn, and be able to work well in a team environment. j. Ability to prioritize vulnerability mitigation efforts based on risk