Security Operations Center Analyst
Current● Utilization of the DC1 SOC's toolset to sweep for IOCs / risks / alerts / unauthorized changes / intrusions / suspicious traffic within the SIEM, IDS sensors, wireless IDS, vulnerability scanning software, and anti-malware in effort to prevent or mitigate risks toward DC1's security posture;● Ensure ongoing compliance with applicable policy and procedures;● Respond to Compromise of information events, including E-Mail Sensitive SBU Spills;● Reviews computer logs and messages to identify possible security violations and breaches; assist with the preparation of reports to report intrusions.● Maintain a consistent record of logged work to facilitate communication with other shifts;● Communicate with DHS ESOC / Federal Management on potential Insider Threat events;● Report Critical or Significant events to DHS ESOC by phone and open an investigation; ● Report weekly Intel Topics relating to current & relevant cybersecurity events;● Verify Geolocation logins are known & approved events;● Perform scans of various storage media with in-house anti-virus software as part of maintaining proper security hygiene;● Investigating Failed Login events from vaulted & service accounts;● Tenant monitoring of the Hybrid Environment;● Upholding a secure environment and Data Leak Prevention through the Inspection of any and all vendor equipment entering/leaving the Data Center;● Review logs for PII and other sensitive data before it is allowed to be shared with external bodies;● Conduct VIP / Vendor escorts;● Audit artifacts for tenants;● When required will take photography for auditing or troubleshooting purposes;● At request will aid in the destruction of unclassified media under the authorization of Personnel Security; and● Perform Zone Checks for any physical security events within the Data Center.