6 Security Operations Analyst Jobs in Lakewood, CO

ZAP Engineering
Lakewood, CO | Full Time
$73k-94k (estimate)
1 Day Ago
Tuknik Government Services
Lakewood, CO | Full Time
$107k-131k (estimate)
6 Months Ago
Tuknik Government Services
Lakewood, CO | Full Time
$107k-131k (estimate)
6 Months Ago
Kforce Technology Staffing
Lakewood, CO | Full Time
$98k-118k (estimate)
1 Week Ago
Apex Systems
Lakewood, CO | Full Time
$98k-119k (estimate)
1 Week Ago
Apex Systems
Lakewood, CO | Full Time
$98k-119k (estimate)
1 Week Ago
Security Operations Analyst
$107k-131k (estimate)
Full Time 6 Months Ago

Tuknik Government Services is Hiring a Security Operations Analyst Near Lakewood, CO

TGS
Tuknik Government Solutions, a Koniag Government Services Company, is seeking an experienced Security Operations Analyst to support TGS and our government customer in Lakewood, CO. Compensation for this position ranges from $60,000 to $75,000 based on experience.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Shift: Sunday to Thursday from 11am MST to 7:30 MST
Position Overview:
The customer's Security Operations Center (SOC) Analyst activity is responsible for monitoring and enforcing compliance with documented and distributed SSA system security standards. The SOC protects the customer's critical assets by anticipating and leading the response to potential computer-related threats and vulnerabilities.
Several systems within the security architecture allow the SOC to identify threats proactively. Staff provide the continuity of effectiveness necessary for the SOC to respond to more advanced threats and to adapt to network changes initiated by other system components. In addition, correlating events with data collected from other SOC initiatives will substantiate a more complete analysis of current network stability against threats.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
Monitor, analyze, and manage the health of the network security operations systems, to include responding to events by documenting and investigating alerts generated by these systems.
Capture and measure data about security events
  • Provide 24/7/365 monitoring and analysis of Security event alerts across the enterprise network.
  • Monitor agency systems and daily log events to identify potential security threats. Sources include, but are not limited to, sensor alert logs, firewall logs, content filtering logs, and Security Event Manager.
  • Utilize email, instant messaging, and other monitoring tools to remain aware of current threats SSA networks face daily.
  • Review all incoming alerts, and potential security threats, and properly investigate and ticket all identified potential security threats within the agency incident response-ticketing platform.
  • Validate traffic and/or network activity (per alerts/logs) as anomalous in accordance with established Standard Operating Procedures.
  • Identify, investigate, and escalate potential security threats to senior technicians in accordance with established Standard Operating Procedures.
  • Utilize agency Security Event Manager Software to measure and model traffic, while identifying patterns and ports.
  • Manage the resolution of computer security events that affect SSA information systems using SSA SOC provided incident response ticketing system.
Reporting
  • Use the incident response-ticketing platform to determine and document problem status, resolution, and prevention measures.
  • Produce ad-hoc reports as directed by the task manager.
  • Provide written reports to the SSA SOC Manager detailing all security events related to network security matters and submit these reports according to the procedures and reporting requirements established in the SOPs and SSA guidelines.
  • Prepare monthly reports for insertion into the US-CERT Report.
  • Prepare a monthly report on the status and progress of all current open security incident tickets and ad-hoc assignments.
Perform Preliminary Analysis of Collected Data
  • Perform a preliminary analysis of collected data.
  • Investigate Open-Source Threat Intelligence in accordance with established procedures.
  • Upon identification of a possible threat, communicate that threat to the customer, as directed by the task manager.
  • Communicate information to remediation technicians and may be required to aid with remediation after the technicians are consulted.
  • Identify the necessity for, and implementation of, the creation of new intrusion detection signatures.
  • Monitor daily log data gathered from various resources, such as sensor alert logs, firewall logs, content filtering logs, and Security Event Manager, for suspected security threats.
  • Analyze and process suspicious web or email files for malicious code discovered through enterprise log monitoring and any other available sources.
  • Filter non-threatening network traffic for enhanced reporting accuracy.
  • Document problem resolution progress from initial reporting to resolution within the agency incident response ticketing platform.
  • Make determinations of the operational impact that a particular threat has on SSA systems.
  • Follow the escalation procedure SOP to make a recommendation for immediate corrective actions to higher-level technicians.
  • Assist with remediation, if requested. Assistance may include but is not limited to gathering additional log data, contacting users, or testing remediation processes.
  • Respond to new threats and may be required to initiate and assist in drafting remediation strategies. All documentation will be hosted in the branch’s collaborative document library.
  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems.
  • Identify newly discovered vulnerabilities and exploits. Develop, implement, and disseminate new intrusion detection signatures as directed by the task manager, creating custom signatures when needed.
  • Continuously tune the Government-provided Security Information and Event Management (SIEM) system, through rule creation and engineering, to reduce false positives and discover previously unknown threats.
  • Monitor Open-Source intelligence threat feeds, responding to anomalies and creating a ticket in the agency incident response-ticketing platform of any identified PII leaks.
  • Classify events based on the most current US‐CERT Impact Classification guidelines.
  • Provide 24/7/365 monitoring of the “SOC SPAM” mailbox(s) for suspicious messages submitted by SSA government and contractor personnel.
  • Maintain awareness of open-source intelligence threats, identifying risks to agency personnel involved in open-source breaches and documenting breaches within the agency incident response-ticketing platform.
  • Conduct Threat intelligence research of open sources to identify previously unknown Indicators of Compromise. Indicators shall be validated by senior analysts and updated on all Security sensors/systems.
Education:
  • 2 years of direct SOC Cyber experience or Computer Security Incident Response Team (CSIRT).
    • Minimum education also includes a HS diploma, but an Associate's in cyber will be favorably reviewed.
  • Must have at least one of the following industry certifications:
    • CompTIA Security+
    • CompTIA Network+
    • CompTIA CySA+
  • CompTIA A+ (Preferred)
  • Proof of certifications to be printed and provided to COR & task manager prior to assignment.
  • Additional education considered includes a bachelor's or master's degree in computer science, cybersecurity, or information technology, or advanced certifications such as Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP).
  • Strong oral presentation skills and the ability to articulate English in a clear and concise manner.
Work Experience, Knowledge, Skills & Abilities:
  • Possess a working knowledge of Security Operations and the role such systems play in detecting intrusion attempts.
  • Must have experience responding to computer security incidents.
  • Requires comprehension of, and experience with, viruses and worms that may infiltrate into and propagate throughout a large network.
  • Must have experience with Microsoft Windows Operating Systems both desktop and server.
  • Requires knowledge of networking fundamentals to understand how network assets communicate and behave on the network, including routing and networking protocols such as IP, FTP, SSH, SSL, Telnet, SMTP, TCP/IP, UDP, Windows SMB, and others.
  • Supports integration of multiple vendor products into a seamless operation.
  • Must be able to obtain a client sponsored Public Trust level of adjudication.
  • May be required to report for duty during periods of inclement weather and other emergency situations.
Working Environment & Conditions
This job operates in a professional office environment and has a noise level of mostly low to moderate. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. This position is primarily indoors, consistent with a standard office position and has a noise level of mostly low to moderate. The incumbent is required to stand; walk; sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; talk and hear. The workload may require the incumbent to sit for extended periods of time. The incumbent must be able to read, do simple math calculations and withstand moderate amounts of stress. The incumbent must occasionally lift and/or move up to 25 lbs. Specific vision abilities required by the job include close vision, distance vision, color vision, depth perception, and the ability to adjust focus.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, sex, sexual orientation, gender, or gender identity (except where gender is a bona fide occupational qualification), national origin, age, disability, military/veteran status, marital status, genetic information or any other factor protected by law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or to apply to a position on our website, please contact Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

Job Summary

JOB TYPE

Full Time

SALARY

$107k-131k (estimate)

POST DATE

11/01/2023

EXPIRATION DATE

05/27/2024


The job skills required for a Security Operations Analyst include Cybersecurity, CISSP, Security Architecture, Incident Response, SIEM, Computer Science, etc. Having related job skills and expertise will give you an advantage when applying to be a Security Operations Analyst. That makes you unique and can affect how much salary you are paid. Below are job openings related to skills required by a Security Operations Analyst. Select any job title you are interested in and start to search job requirements.

For the skill of Cybersecurity
Strategic Business Systems (SBS)
Full Time
$95k-124k (estimate)
3 Months Ago
For the skill of CISSP
ITI Solutions
Full Time
$116k-145k (estimate)
4 Days Ago
For the skill of Security Architecture
Kforce Technology Staffing
Full Time
$138k-170k (estimate)
Just Posted

The following is the career advancement route for Security Operations Analyst positions, which can be used as a reference in future career path planning. A Security Operations Analyst can be promoted into senior positions such as Cyber Security Architect III, which are expected to handle more key tasks; people in these roles are paid a higher salary than an ordinary Security Operations Analyst. You can explore the career advancement for a Security Operations Analyst below and select a title you are interested in to get hiring information.

Cleary Gottlieb Steen & Hamilton LLP
Other
$119k-147k (estimate)
2 Months Ago
Sumitomo Mitsui Trust Bank
Full Time
$107k-129k (estimate)
5 Months Ago