Tier 1 Cyber Security Analyst

Job ID: 2404800

Location: SANTA ANA, CA, US

Date Posted: 2024-04-01

Category: Cyber

Subcategory: Cyberspace Ops

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

SAIC is seeking a Tier 1 Cyber Security Analyst to join our County of Orange Security Operations Center (SOC) team. The core mission of the SOC is to protect County assets, systems, and data against cyber threats. The Tier 1 Security Analyst will create, tune, monitor, and investigate Security Information and Event Management (SIEM) alerts and assist with other SOC functions such as incident response, digital forensics, data loss prevention, and eDiscovery actions.

This role is hybrid remote and requires 2 days per week onsite in Santa Ana, CA!

Responsibilities:

• Proactively monitor security events for networks and systems.
• Identify, investigate, and report on potential Security Incidents.
• Support risk and vulnerability assessment at the network, system, and application level.
• Support threat-modeling exercises.
• Helps develop and implement security controls and formulate operational risk mitigations along with assisting in security awareness programs.
• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Researches, evaluates, and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
• Utilizes COTS/GOTS and custom tools and processes/procedures to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.
• Assists in the implementation of the required government policy (i.e., NIST), and makes recommendations on process tailoring.
• Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.
• May support cyber metrics development, maintenance, and reporting.
• May provide briefings to senior staff.

Qualifications

Required Education and Experience:

• A Bachelor’s degree in related field and 0 years of related experience required; 2 years of related experience is highly preferred. Additional experience can be substituted in lieu of education.
• Preferred Certifications: Security , GIAC Security Essentials (GSEC), or similar industry related certification(s).
• Must be able to pass the LiveScan background check and Probation Department review.
• Must be able to pass a Drug Screen.

Required Skills:

• Professional experience with:
  • Security Information and Event Management (SIEM) technologies
  • IDS/IPS, Firewalls, and Anti-Virus/Anti-Malware technologies
  • Incident Response
  • Vulnerability Management
• Experience in analyzing security alerts via MS Sentinel Security Information and Event Management (SIEM) (experience with other SIEM tools would be acceptable).
• Timely responses to email security alerts in O365 and Proofpoint, and Endpoint Detection and Response (EDR) system alerts in Crowdstrike.
• Working knowledge of the full Incident Response cycle: Identification, Protection, Detection, Response, Recover.
• Adherence to Standard Operating Procedures for the SOC.

Target salary range: $75,001 - $85,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.