Security Operations Center Analyst

Position Summary:

seeking an experienced Security Operations Center (SOC) Analyst with strong expertise in Endpoint Detection and Response (EDR) tools and cyber‑security incident handling. The ideal candidate will thrive in a fast‑paced environment with aggressive timelines and will be responsible for monitoring, analyzing, and responding to events and alerts supporting statewide IT systems. This is a remote position.

Required Experience:

• Hands‑on experience working with Endpoint Detection and Response (EDR) tools

• Experience responding to, and analyzing, cyber‑security events and incidents

• Experience working with Crowdstrike, or comparable EDR tool

• Ability to work in high‑pressure, fast‑paced environments

Experience working with CrowdStrike or comparable EDR tool

Responsibilities:

• Provide security monitoring and response efforts for, and in coordination with, the Security Operations Center (SOC)

• Lead outreach and coordination with statewide partners, including County, Municipal, and educational entities

• Strong communication, reporting, and documentation abilities

• Monitor, analyze, and respond to cyber-security events, alerts, and incidents affecting State of Iowa IT systems

• Take appropriate actions to protect IT assets from potential incidents and threats

• Document and report changes, trends, and implications related to evolving cyber-security tools, systems, and solutions

• Follow SOC processes and assist ISD Security Engineers and OCIO support teams during alerts, events, and incidents

• Submit new events and update existing events within the SOC ticketing system

• Provide phone and email support to state agencies and participating partners during alerts, events, and incidents

• Provide off‑hours or ad‑hoc shift support as required

• Proven ability to collaborate effectively with partners across varying technical backgrounds

• Capability to perform Tier 1 troubleshooting, including log collection, documentation review, and appropriate escalation

• Maintain up‑to‑date knowledge on relevant cyber-security technologies and tools

• Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and incidents

• Follow detailed operational procedures to analyze, escalate, and support remediation of critical security incidents

• Assist with SOC metrics, reporting, and communications

• Support incident response activities up to the preliminary forensics stage

• Monitor EDR tools and perform initial assessment and data gathering for alerts