Date Posted: 08/28/2024
Hiring Organization: Rose International
Position Number: 470090
Job Title: Cyber Security Operations Analyst
Job Location: Boston, MA, USA, 02116
Work Model: Hybrid
Employment Type: Temporary
Estimated Duration (In months): 10
Min Hourly Rate($): 60.00
Max Hourly Rate($): 65.00
Must Have Skills/Attributes: CISSP, ServiceNow
Nice To Have Skills/Attributes: Cybersecurity
Job Description
***Only qualified Cyber Security Operations Analyst candidates located within commuting distance of the Boston, MA area will be considered, as the position requires an onsite presence***
Cyber Security Operations is a key pillar of the Client's Information Security program, responsible for the deployment and tuning of security tools, threat-hunting, and Cyber Incident Response. Client's Security Operations Team needs your help while we enhance our capabilities to keep pace with emerging threats.
The Cyber Security Operations Analyst will be a member of a 4-person team, reporting to the Director of Cyber Security Operations, and will work closely with the Chief Information Security Officer (CISO).
The ideal candidate is a self-starter with a passion for cyber threat hunting, can work in concert with a small team, and demonstrates strong written and verbal communication skills.
Required Skills:
• Two plus (2+) years of training or practical experience in IT Operations
• Two plus (2+) years of training or practical experience in cyber security operations
• Strong work ethic, great time management, and highly inclusive team player
• Effective verbal and written communicator, with excellent writing skills
• Authorization to work indefinitely in the U.S.
Preferred Skills:
• Bachelor's degree or equivalent in Cyber/Information Security
• Industry certifications such as CISSP
• Previous experience on a Cyber Security Operations team in a large organization
Cyber Security Operations Analyst Duties and Responsibilities:
Security Operations Response and Reporting:
• Review and respond to Security Operations Center alerts
• Review and respond to Endpoint Detection and Response alerts
• Manage Identity alerts and respond to ServiceNow tickets
• Review daily reports, system-generated reports, and threat feeds for relevance or issues
Splunk SIEM Logs Review and Improvement:
• Configure alerts based on gaps in proactive and responsive measures
• Maintain a query repository for regular tasks and improve dashboard visibility across sources
• Ensure data hygiene and CIM compliance with the data model
Threat Detection & Incident Response:
• Conduct threat hunting by tracking common and novel techniques, tactics, and Indicators of Compromise (IOCs), and by applying measures for detected threats
• Utilize custom Indicators of Attack (IOAs) and EDR SOAR workflows for automated response and remediation
• Review network web proxy and firewall traffic to identify and address consistent abnormal or block events
Monitoring & Visibility Recommendations:
• Develop metrics dashboards for security tools
• Enhance network visibility across firewall and web proxy logs
• Provide recommendations for security improvements, including hardening and content blocking
• Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements
• Ensure controls are documented and functioning as intended
• Verify that infrastructure and applications adhere to MassDOT’s information security policies and standards
• Audit, report, and maintain a log of all policy violations
Vulnerability Assessment Responsibilities:
• Conduct vulnerability assessments of infrastructure and applications to identify and document gaps and risks
• Communicate identified gaps, risks, and vulnerabilities to customers
• Perform continuous monitoring and analyze the security posture related to infrastructure and applications
• Manage and address events in MassDOT’s Security Information and Event Management (SIEM) system
• Monitor and respond to security alerts, including virus alerts, breach notifications, zero-day vulnerabilities, and trending threats
Additional Responsibilities:
• Stay updated on information security issues, best practices, and regulatory changes affecting transportation and information security at both state and national levels
• Develop and recommend security solutions based on business needs, regulatory requirements, and industry best practices
• Understand risk management frameworks and apply them effectively
• Respond courteously and professionally to inquiries from customers, vendors, and colleagues
• Assist with emergencies and events as needed, which may include driving a company or personal vehicle
• Provide on-call support as necessary
• Perform other related duties and projects as assigned
• Provide deskside support to end users when necessary to gather evidence for an investigation, provide advice on safe computing practices, and diagnose systems as an SME for security tools, attack tactics & techniques, and forensic analysis
• Contribute to the continuous improvement of the MassDOT information security program
- **Only those lawfully authorized to work in the designated country associated with the position will be considered.**
- **Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client’s business needs and requirements.**
Benefits:
For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.
California Pay Equity:
For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.
Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.
Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.)