The Security Analyst is part of the Security Monitoring and Response team, which provides Department-wide 24x7 security, network system monitoring and incident handling. This includes monitoring, reporting, coordination and escalation, where applicable, of events and tracking of Department incidents. The Security Analyst is responsible for providing effective security monitoring and incident response through triage, investigation, communication, and reporting.
Security Analysts perform real-time log analysis, leveraging log correlation platforms, to provide network and data security for Computer Security Incident Response Center (CSIRC) clients. Analysts evaluate the type and severity of security events by making use of packet analyses and their in-depth understanding of exploits and vulnerabilities. Analysts provide customer service by following the appropriate escalation procedures. Analysts work in a team environment and monitor the health and wellness of network and security devices within the SOC.
Knowledge of one or more of the following tools:
All candidates for this position must be open to shift work as the SOC is a 24x7 environment. Shifts will be discussed with each candidate to determine specific hours and days.