Summary:

The Security Operations Center (SOC) Analyst is critical in safeguarding the State of Nebraska s digital assets by actively monitoring, analyzing, and responding to security incidents. This position requires a keen understanding of cybersecurity principles, threat detection, incident response, and strong analytical skills to identify and mitigate security threats in real time. As a member of the Information Security Team, this is an in-person position that requires the person to be on call.

Responsibilities:

• Monitor and triage security alerts and events from various sources including SIEM, IDS/IPS, firewalls, and endpoint protection systems ,et al.
• Conduct in-depth analysis of security events to identify potential security incidents or breaches.
• Investigate and triage security alerts, determining the scope, impact, and severity of the threat.
• Aid in development and maintain standard operating procedures (SOPs) for incident detection, response, and escalation.
• Collaborate with cross-functional teams to resolve security incidents and implement appropriate countermeasures.
• Perform threat hunting activities to proactively identify and mitigate emerging threats.
• Maintain and update security tools and technologies to ensure optimal performance and effectiveness.
• Provide timely and accurate reports on security activities, trends, and metrics to leadership and stakeholders.
• Participate in security awareness training and education programs for staff members to enhance cybersecurity awareness and best practices.
• Stay current with industry trends, emerging threats, and security technologies to continuously improve SOC capabilities.

Requirements:

• Associates degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Minimum of 2 years of experience working in a security operations center or similar role.
• An Associates degree is also accepted with a minimum of 4 years of experience.
• Strong understanding of cybersecurity principles, threat landscape, and attack vectors.
• Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and threat intelligence platforms.
• Experience with incident response procedures, including incident triage, containment, eradication, and recovery.
• Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
• Excellent analytical and problem-solving skills, with the ability to analyze large datasets and identify anomalies.
• Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
• Relevant certifications such as CompTIA Security , Certified Information Systems Security Professional (CISSP) are helpful.
• Ability to work effectively in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents.
• Must be able to pass background checks and employment screenings.