THE SECURITY OPERATIONS CENTER ANALYST IS THE FIRST TO RESPOND TO CYBER SECURITY INCIDENTS. THEY REPORT ON CYBERTHREATS AND WORK WITH SECURITY ENGINEERS AND OTHER STAKEHOLDERS TO IMPLEMENT ANY CHANGES NEEDED TO PROTECT WPCU’S INFRASTRUCTURE AND DATA.
- Threat Intelligence and Detection Engineering - Collect, analyze, triage, and disposition information from all threat sources. Updating signatures, rules, or other defensive countermeasures that “arm and inform” monitoring infrastructure based on analyzing the threat intelligence. Ensures proper policies, procedures, risk mitigation activities, and operating controls are followed. Reports gaps in policies, procedures. (35%)
- Situational Awareness - Collect, analyze, and report information (near) real time that provides situational awareness and a common operating picture. (20%)
- Logging - Perform audit logging of users, applications, networks, systems, and access to physical assets. (15%)
- Monitoring - Monitor users, applications, networks, systems, and access to physical assets (e.g. intrusion prevention/detection, email/spam filtering, web filtering). (15%)
- Virus and Malicious Code Management - Detect, analyze, and eliminate viruses and malicious code. (10%)
- Incident Response - Detect, triage, analyze, respond to, and recover from suspicious events and security incidents (5%)
Required Skills
SPECIALIZED OR TECHNICAL KNOWLEDGE AND SKILLS:
- 2-5 years of experience in the information technology field.
- Bachelor’s Degree is desired, preferably information technology or computer science.
- CompTIA Security+, CySA+, or EC-Council Certified Ethical Hacker (CEH) certification required. Candidates without these certificates will be considered, however they may be required to obtain certification within the first year.
- Working knowledge of network defense, forensics, reverse engineering, and incident response.
- Excellent written and verbal communication skills.
Required Experience