SOC Analyst Level 1

San Francisco, California

BlueVoyant
Job Expired - Click here to search for similar jobs
SOC Analyst Level 1

Location: Hybrid from either the Nashville, TN or Tulsa, OK location as a preference. Remote considered for extraordinary candidate.

US Citizenship required.

This role requires shift work. The immediate preference is:

Nights 4x10 Wednesday - Saturday Night (9pm - 8am with 1 hour for lunch)

Conquest Cyber, a BlueVoyant Company, understands that our enemies are not simply amateur hackers, but highly motivated, well-funded nation states and criminal organizations. By targeting our nation's defense and critical infrastructure sectors, cyber-attacks threaten to disrupt the way we live. This is where we sit: at the forefront of this quiet and distributed conflict to ensure cyber resiliency for the sectors critical to our way of life. At Conquest Cyber we build adaptive risk management programs where innovation is most needed, the sectors that protect our way of life. Be part of a world class team, enjoy the challenges and rewards of working with some of the leading U.S. agencies and companies, and protect assets that are vital to our society.

Job Description:

Companies are constantly under attack by sophisticated cyber adversaries that range from nation states to organized criminal activity. In response, the Cyber Security Operations Center (CSOC) is charged with ensuring all customers are secure against all tiers of adversaries. We are on the front lines of security defense, e.g. incident response, threat hunting, and intelligence. As a part of our team you'll be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape, applying practical security knowledge and developing new detective measures to protect our customers.

Responsibilities:
•   Serve as a primary member of the Cyber Security Operations Center (CSOC), handling security events and incidents daily in a fast-paced environment.
•   Perform incident handling duties for minor or major security incidents within the defined Computer Security Incident Response process.
•   Maintain situational awareness of cyber threats across multiple clients and take action where necessary.
•   Malware and exploit analysis.
•   Intrusion monitoring and response.
•   Assess alerts and notifications of event activity from our SIEM platform and intrusion detection systems, and respond to the threat accordingly.
•   Continuing content development for threat detection and prevention systems.
•   Data analysis and threat research, maintaining knowledge of security principles and best practices. Must remain abreast of emerging threats and trends.
•   Assist teams in various security and privacy risk mitigation efforts, including incident response.
•   Lead or participate in information security related projects or in managing strategy.
•   Develop new forensic detective and investigative capabilities using current technical solutions.
•   Countermeasure deployment across various technologies.

Requirements:
•   Analysis: Identify and understand issues, problems, and opportunities; compare data from various sources to draw conclusions.
•   Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
•   Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints, and probable consequences.
•   Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill or knowledge in position-related areas; remains current with developments and trends in areas of expertise.
•   Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals and collaborate with cross-functional teams to provide technical expertise and guidance on best practices and methodologies.
•   Client Focus: Make internal and external clients and their needs a focus of actions; develop and sustain productive client relationships.
•   Must be willing to work weeknight or weekend night shifts.
•   Extended working hours may be required as dictated by management and business needs.

Qualifications:
•   B.S. in Computer Science, Computer Engineering, MIS, or related degree and a minimum of one (1) year experience in cyber security or incident response.
•   Hands on experience with using security monitoring tools, running vulnerability scans, and reviewing assessment reports.
•   Systems administrator experience in Linux, Unix, Windows or OSX operating systems is desirable.
•   Knowledge of networking and the common network protocols.
•   Demonstrated ability to create scripts, develop tools, or automate processes in PowerShell, Python or Bash.
•   Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
•   Demonstrated ability to perform static and dynamic malware analysis.
•   Demonstrated ability to analyze large data sets and identify anomalies.
•   Demonstrated ability to quickly create and deploy countermeasures under pressure.
•   Familiarity with common infrastructure systems that can be used as enforcement points.
•   Strong organizational skills with the ability to coordinate and prioritize multiple tasks simultaneously.
•   Must work well under pressure to meet deadlines.
•   One or more of the following (or similar), or the ability to obtain within one year:
•   CSA: Certified SOC Analyst
•   GISF: Information Security Fundamentals
•   GSEC: Security Essentials
•   GCIH: Certified Incident Handler
•   CompTIA Security+

Preferred Competencies:
•   Willing to work at a high level of intensity and fast pace to support the needs of rapidly growing businesses.
•   Flexible and able to handle multiple projects at one time while maintaining incredible attention to detail.
•   Maintain a positive, solutions-focused attitude.
Date Posted: 18 April 2024