First-tier cybersecurity support technician with the following responsibilities:
- Utilizes the Security Operations Center (SOC) checklist and reviews the latest alerts/events from various SOC sensors to determine relevancy and urgency
- Reviews open-source and other sources of information to identify events that should be transitioned into the incident response process
- Creates new incident tickets for alerts that signal an incident and require Tier 2 incident response review
- Handles incidents that have been tasked to Tier I
- Under supervision, may manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats/vulnerabilities.
Minimum of one (1) year of professional experience in network or UNIX/Linux system administration, software engineering, software development, and/or a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. Must have some experience working with various security methodologies and processes, knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP) protocols, knowledge and experience configuring and implementing a diverse array of technical security solutions, and experience providing analysis and trending of security log data from a large number of heterogeneous security devices. Tier I shall also be proficient in at least one programming language, have experience with reverse engineering tools, a variety of operating systems and open source computer forensic tools, and a working understanding of computer forensic techniques and methodologies.
Education: Bachelor’s Degree
Certifications: Security+ CE, CCNA Security, CSA+, GICSP, GSEC, SSCP
Must attain any one of the certifications above within six months of hiring (starting) date
Security Clearance: Top Secret
Years of experience: 1 year