On the frontline of our Cyber Security Operations Center (CSOC), you will play a crucial role as the first line of defense. Your responsibilities include triaging security alerts and notifications, utilizing critical decision-making skills. Working within a team of CSOC Analysts, you will escalate incidents to the relevant levels within the CSOC hierarchy, adhering to established requirements and standard operating procedures. This position requires on-site support at the Rockville, MD location.
Essential Duties and Responsibilities:
Provide Level I technical support within the 24/7 operations environment of the Cyber Security Operations Center (CSOC).
Deliver regular updates to CSOC Level II support on operational activities and developments.
Conduct initial triage and response to events, notifications, and alerts in the CSOC.
Identify security incidents, escalate them to the appropriate CSOC tier, and maintain thorough documentation.
Utilize the CSOC ticketing system and contribute to the development of efficient incident reporting procedures.
Stay informed about IT infrastructure changes that may impact national cybersecurity or threat detection.
Recommend improvements to Level II support for enhancing Level I CSOC duties and activities.
Keep abreast of the organization's comprehensive security tool suite for effective incident development and escalation.
Engage in ongoing knowledge-sharing sessions within CSOC and IT departments.
Assist, as needed, in the forensic analysis of less complex digital media devices.
Contribute to documentation of findings and recommendations for digital media analysis.
Education, Experience and Abilities:
Minimum Qualifications: Bachelor's degree in a relevant field and 1-3 years of cyber operations experience.
Alternative Qualifications: Strong work experience and relevant certifications may be considered in lieu of a bachelor's degree.
Essential Certifications: Splunk Core Certified User, Security+, and A+.