Sierra Cybernetics is seeking a Cyber Security Operations Center Incident Response Analyst to work for us at our government client’s office at Port of Los Angeles in downtown San Pedro.
This assignment is expected to last 12 months or more.
- The key requirement is deep cyber security incident response experience within an Operations Center environment.
- Minimum five (5) years of incident handling, security architecture, malware analysis, or similar experience is required
- Mastery of cyber security incident response tools
- Have at least one of the following certifications (must be current): Security+, GSEC, GCIA, GCIH or CISSP
- Be a US Citizen.
- Provide proof of background investigation of candidate that has been performed within the last 12 months (the Port reserves the right to conduct additional background investigation of the candidate and/or request copies of the background investigation information).
- Be able to work normal work hours from 7am to 4pm. Occasional after hours work may also be required.
- Valid security clearance is preferred but not required.
EXAMPLE OF DUTIES
- Ability to demonstrate mastery of Tier 1 and Tier 2 Security Operations Center (SOC) Analyst responsibilities
- Ability to technically interpret security events from: firewalls, endpoint protection, intrusion prevention/detection systems, security information and events management (SIEM), proxies, advanced persistent threats, email systems, servers (physical and virtual), databases and packets
- Ability to interpret common attacks and exploits including but not limited to: Denial of Service, Domain Name Systems, malware infections, exploit kits, drive-by compromises, spear phishing, and/or zero days
- Ability to analyze and reverse engineer malware packages to assess threats and indicators of compromise
- Ability to create, correlate and modify advanced SIEM use-cases to trigger notifications on all severity levels of incidents
- Ability to develop, analyze and interpret programming of malicious codes
- Ability to reliably monitor and analyze specified data sources and incidents
- Must have technical experience and knowledge on network and systems administration
- Ability to consistently follow incident monitoring processes and procedures
- Ability to document and communicate incident status updates, for non-technical personnel
- Ability to create consistent and complete incident reports
- Responsible for monitoring escalated event alerts
- Ability to work well under pressure be able to think outside of the box
Commensurate with education and experience, W-2 or C2C, must be US citizen