- Protect Customer's security posture by monitoring and assessing SIEM events from client security devices, sensors, and authentication services
- Coordinate containment, response, and recovery efforts as part of security incident response
- Manage network computer and system security incidents relating to data spills, misclassifications, unauthorized software downloads, system misconfigurations, cross-domain violations
- Investigate and respond to security threats, make change requests to strengthen security policies, recommend security strategies, perform penetration testing and vulnerability assessments, and interpret threat intelligence
- Partner with multiple teams in our Cyber Fusion Center, including Service Desk, Infrastructure Engineering, and Network Engineering teams
- Use cybersecurity and case management tools to prepare case evidence and incident reports
- Provide technical OJT training and guidance to less experienced team members
- Serve as liaison with clients, participating in meetings to ensure client needs are met
- Create programmatic documentation, standard operating procedures, and granular process checklists
What you'll need to have
- 8570 IAT Level II Certification (typically Security+)
- Secondary Certification (CEH, CySA+, Cloud+, CND)
- TS/SCI with CI Poly, or willingness and ability to be cleared
- High School+10 years; Bachelor's+6; Master's+4
- Experience in monitoring, assessing, and triaging security incidents
- Strong foundation in cybersecurity principles and growth path to acquire certifications
- Strong technical and analytical skills demonstrating accurate analyses of security-related problems
- Significant experience monitoring system compliance with security policies
- Good networking background and significant troubleshooting of SOC-relevant issues in an enterprise environment
- Must have experience with at least one of: Splunk, Proofpoint, Fidelis, Solera, Windows, and/or Linux
- Engaging communications style with customers, peers, and support teams
Strengths you'll bring to our team
- Passion for learning and professional growth
- Eagerness to help customers, peers, and juniors
- Taking ownership to do the right things right
- Building trust by delivering results that make a difference
- Comfortable communicating good news, bad news, challenging opinions, and innovative ideas
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
Cybersecurity Incident Analyst with Security Clearance - Colorado Springs, CO, United States - Antero Technology Services, LLC
Description
Are you ready to grow as a Cybersecurity Incident Analyst? Antero Technology Services is looking for a proactive person with a TS/SCI clearance to join our Security Operations Center Team. Our SOC is responsible for protecting a mission-critical global infrastructure supporting 60,000 customers. Our team is responsible for analyzing millions of SIEM events from hundreds of sources across a large enterprise network. You will investigate anomalous activity, coordinate technical response and incident communications, and work to turn security incidents into opportunities to better secure our Customer's environments through comprehensive incident post-mortems.
Your Place in Our Team
We're a small business, which means you make a big difference with our team. We offer full company-paid health plans, time off, retirement, and other financial benefits. Our culture thrives on learning, and our professional growth program helps pay for your advancement. We encourage leadership growth too, and we'll help you build and lead a team of your own.
What you'll be doing