Clark Creative Solutions ยท 3 months ago
Cyber Security Analyst (SOC)
San Diego, CA
Full-time
Onsite
Entry, Mid Level
1+ years expClark Creative Solutions is seeking a Cyber Security Analyst to join their Cyber Analyst team. The role involves analyzing technology devices, including Operational Technology and Industrial Control Systems, and performing forensic analysis on various systems to identify security threats and vulnerabilities.
ComputerCyber SecurityInformation TechnologyIntelligent SystemsLogisticsTraining
Responsibilities
Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities
Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices
Asses Security Technical Implementation Guides (STIGs) compliance and completion
Utilize asset mapping tools to verify connected inventory
Handle Information Assurance Vulnerability Management (IVAM) notifications
Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions
Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency
Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences
Qualification
Required
At least 3 years of experience in security operations (Journeyman level) or 1 to 2 years of applicable experience (Junior level) demonstrating analytical duties and performing host or network security analysis
Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures
Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center
Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations
Preferred
Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
Strong analytical and troubleshooting skills
Able to provide expert content development in Splunk Enterprise Security using tstats and data models
Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP
Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
Familiar with the operations and functions of Nessus or security center management
Can assist and provide technical input to research, discover, implement hardware and software
Understands importance and fundamentals of logistics and evidence handling
Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification
Additional certifications at an equivalent may also be considered
Company
Clark Creative Solutions
Clark Creative Solutions provides cyber security, intelligence services, IT services, program management, and logistical support services.
11-50 employees
Funding
Current Stage
Early StageCompany data provided by crunchbase