Job Title: Cybersecurity Analyst II
Hybrid
Shift: 7AM – 8PM, Friday, Saturday, Sunday
Position Overview:
Encore Technologies is seeking a Cybersecurity Analyst II with a strong focus on security to help evolve our IT Operations Command Center (ITOCC) into a Security Operations Center (SOC). This role will be critical in maintaining our existing systems while expanding into cybersecurity monitoring, incident response, and threat management. The ideal candidate will have experience with systems administration and a growing interest in cybersecurity operations.
Core Responsibilities:
- Support SOC Integration: Collaborate with security teams to help transition from ITOCC to SOC, assisting in the setup of security monitoring tools and incident response workflows.
- Systems Administration: Maintain and support existing infrastructure, including Microsoft Windows Servers, Active Directory, virtualization platforms (e.g., VMware, Hyper-V), and storage systems (e.g., NetApp, Dell EMC).
- Security Incident Triage: Assist in the triage of security alerts from monitoring systems, escalating incidents as needed to higher SOC tiers.
- Log Management: Set up and manage log collection and ensure all logs are fed into the SIEM system for analysis.
- Patch and Vulnerability Management: Perform regular patching of systems and collaborate with security teams to address vulnerability reports.
- Cybersecurity Best Practices: Ensure adherence to security protocols such as multi-factor authentication (MFA), least-privilege access, and conditional access policies.
- Scripting and Automation: Develop scripts using PowerShell or Python to automate routine tasks and enhance monitoring and alerting processes.
Key Responsibilities:
- SOC Readiness: Assist in the configuration of SIEM (Security Information and Event Management) systems and ensure the collection of relevant security data from all key infrastructure components.
- System and Network Monitoring: Monitor systems for potential security threats, using tools such as firewalls, endpoint detection, and threat intelligence platforms.
- Incident Response: Act as the first responder for potential security incidents, conducting initial analysis and escalating issues to Tier 2/3 analysts if necessary.
- Endpoint and Network Security: Ensure that security patches and updates are consistently applied across all endpoints and network devices.
- Backups and Disaster Recovery: Oversee regular backups of critical systems and ensure the restorability of data in case of a breach or incident.
- Security Compliance: Support the maintenance of cybersecurity frameworks like NIST 800, CIS Top 20, and other relevant industry standards.
- Security Reporting: Assist in generating security reports and metrics for management, ensuring continuous improvement of SOC operations.
Minimum Knowledge, Skills, and Abilities:
- Systems Administration: Proven experience with Windows Server, Active Directory, and virtualization platforms.
- Security Knowledge: Basic understanding of cybersecurity principles, including network security, threat detection, and incident response.
- Scripting Skills: Experience with PowerShell, Python, or other scripting languages for automating administrative tasks.
- Collaboration Skills: Strong ability to work cross-functionally with IT and security teams to improve infrastructure security.
- Monitoring Tools: Familiarity with SIEM platforms, firewall logs, and network traffic monitoring.
- Team Player: Willingness to grow within the SOC environment, learning from higher-tier analysts and expanding security knowledge.
Desired Qualifications:
- Experience: 2+ years of experience supporting systems administration in a production environment.
- Cybersecurity Certifications: Interest in, or possession of, certifications such as CompTIA Security+, CCNA Cyber Ops, or similar.
- Cloud Security Knowledge: Familiarity with Azure or AWS and their security services is a plus.
- Virtualization Knowledge: Experience working with VMware and knowledge of securing virtual environments.
Working Environment:
- Team-based Environment: You’ll work alongside both systems administrators and SOC analysts to support critical systems and security operations.
Opportunity for Growth:
- This role offers opportunities for advancement within both systems administration and cybersecurity as Encore continues to evolve its SOC capabilities.
Encore Talent Solutions is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills, and experiences within our workforce.