Job Description


Job Title: Security Operations Center (SOC) Analyst
Job Summary:
The Security Operations Center (SOC) Analyst plays a critical role in safeguarding the State of Nebraska's digital assets by actively monitoring, analyzing, and responding to security incidents. The position requires a solid understanding of cybersecurity principles, threat detection, and incident response, together with strong analytical skills to identify and mitigate security threats in real time. As a member of the Information Security Team, this in-person position requires the analyst to be on call.
Responsibilities:
·Monitor and triage security alerts and events from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
·Conduct in-depth analysis of security events to identify potential security incidents or breaches.
·Investigate escalated alerts to determine the scope, impact, and severity of the threat.
·Aid in developing and maintaining standard operating procedures (SOPs) for incident detection, response, and escalation.
·Collaborate with cross-functional teams to resolve security incidents and implement appropriate countermeasures.
·Perform threat-hunting activities to proactively identify and mitigate emerging threats.
·Maintain and update security tools and technologies to ensure optimal performance and effectiveness.
·Provide timely and accurate reports on security activities, trends, and metrics to leadership and stakeholders.
·Participate in security awareness training and education programs for staff members to enhance cybersecurity awareness and best practices.
·Stay current with industry trends, emerging threats, and security technologies to continuously improve SOC capabilities.
Requirements:
·Associate degree in Computer Science, Information Technology, Cybersecurity, or related field.
·Minimum of 2 years of experience working in a security operations center or similar role.
·An associate's degree with a minimum of 4 years of experience is also accepted.
·Strong understanding of cybersecurity principles, threat landscape, and attack vectors.
·Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and threat intelligence platforms.
·Experience with incident response procedures, including incident triage, containment, eradication, and recovery.
·Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
·Excellent analytical and problem-solving skills, with the ability to analyze large datasets and identify anomalies.
·Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
·Relevant certifications such as CompTIA Security+ and Certified Information Systems Security Professional (CISSP) are helpful.
·Ability to work effectively in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents.