Analysis Skills, Communication Skills, Computer Security, DOM (Document Object Model), Data Collection, Documentation, Documentation Review, Forensic Science, Identify Issues, Incident Response, Information Technology & Information Systems, Internet Security, Metrics, Operational Audit, Operations Processes, Security Analysis, Security Attacks, Security Monitoring, Team Player, Technical Support, Trend Analysis
Job id: 801624
SOC Analyst- Endpoint Detection and Response
Client: IA DOM DOIT
Location: Remote, Des Moines, IA
Duration:
Job Description:
- The State of Iowa is seeking an experienced Security Operations Center (SOC) Analyst with strong expertise in Endpoint Detection and Response (EDR) tools and cyber security incident handling.
- Position Summary:
The State of Iowa is seeking an experienced Security Operations Center (SOC) Analyst with strong expertise in Endpoint Detection and Response (EDR) tools and cyber security incident handling. The ideal candidate will thrive in a fast paced environment with aggressive timelines and will be responsible for monitoring, analyzing, and responding to events and alerts supporting statewide IT systems. This is a remote position.
Required Experience:3
- Hands on experience working with Endpoint Detection and Response (EDR) tools
- Experience responding to, and analyzing, cyber security events and incidents
- Experience working with Crowdstrike, or comparable EDR tool
- Ability to work in high pressure, fast paced environments
- Experience working with CrowdStrike or comparable EDR tool
Responsibilities:
- Provide security monitoring and response efforts for, and in coordination with, the Security Operations Center (SOC)
Lead outreach and coordination with statewide partners, including County, Municipal, and educational entities - Strong communication, reporting, and documentation abilities
- Monitor, analyze, and respond to cyber-security events, alerts, and incidents affecting State of Iowa IT systems
Take appropriate actions to protect IT assets from potential incidents and threats
Document and report changes, trends, and implications related to evolving cyber-security tools, systems, and solutions
Follow SOC processes and assist ISD Security Engineers and OCIO support teams during alerts, events, and incidents
Submit new events and update existing events within the SOC ticketing system
Provide phone and email support to state agencies and participating partners during alerts, events, and incidents
Provide off hours or ad hoc shift support as required - Proven ability to collaborate effectively with partners across varying technical backgrounds
Capability to perform Tier 1 troubleshooting, including log collection, documentation review, and appropriate escalation
Maintain up to date knowledge on relevant cyber-security technologies and tools
Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and incidents
Follow detailed operational procedures to analyze, escalate, and support remediation of critical security incidents
Assist with SOC metrics, reporting, and communications
Support incident response activities up to the preliminary forensics stage
Monitor EDR tools and perform initial assessment and data gathering for alerts