SOC Analyst

Sacramento Municipal Utility District
||
Sacramento, CA
Apply HereJob ExpiredView all Jobs
Sacramento Municipal Utility District

SOC Analyst

Sacramento, CA
SOC / Threat Intel
FULL-TIME
Jul 19

This person is responsible for day to day security operations activities that include detecting malicious activity through monitoring of existing security capabilities, hunting for indicators of attack and compromise in our environment, and maintaining situational awareness of SMUD’s environment. This position will support incident response activities to respond and recover to cybersecurity events.

Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

Remote work will be considered

Desired skills:

  • Threat Hunting Experience – candidate should be passionate about finding suspicious activity.
  • Threat Analyst Experience – Candidate should be able to understand technical and business process impacts of activities, and be able to collaborate with IT operations and Cybersecurity Engineers on mitigations and remediations.
  • Ability to analyze malware.
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • Knowledge of penetration testing principles, tools, and techniques.
  • Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
  • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.

Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.

Position Type

Regular - Full Time

No. of Openings

1

Pay Scale Group

PAS0059O

Base Salary Annual Low

$101,166

Base Salary Annual High

$134,057

Selection Process

Initial Review, Qualifications Interview, Reference Check, Background Check

Major Duties & Responsibilities

Responsible for the design, development, implementation, and/or integration of SMUDs security architecture, system, or system components for use within IT and OT environments. Ensures that the architecture and design of SMUDs IT and OT are functional and secure.
Provides network and systems security engineering, design engineering, security tests and evaluations, and risk assessments for OT and enterprise level IT systems, including risk management, vulnerability assessments, security assessments, strategy and project development, network architecture designs, and monitoring solutions.
Enhance enterprise cybersecurity program by developing technical security requirements and technical security control implementation guidance for IT/OT network infrastructure to include hardware, software, and services.
Applies technical experience and knowledge on routing, switching, MPLS, SONET/SDH, Frame/Relay, Telecommunications, Wireless (Microwave amd LTE) and Radio technologies. 5. Maintain skills implementing and/or operating security and networking technologies: Application Security Scanners, Endpoint Protection, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing amd Logging, Vulnerability Management, and Virtual Private Networking technologies such as IPSEC, SSL/TLS, SSH, site to site and network to network.
Advise on the design and innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture, to include security solutions utilized in SCADA/Control systems environments, applying working knowledge of ICCP, DNP3, MODBUS and other common IEC utility protocols such as IEC-60870-5, IEC-61850.
Maintain technical knowledge of TCP/IP, DNS, SMTP, HTTP, FTP, SNMP, Active Directory, LDAP, Ethernet, Wireless LAN, and other WAN/LAN Protocols. 8. Apply knowledge and functional experience with IDS/IPS, WAF, ADC, firewall, VPN across a wide range of complex architectures, platforms and mediums.
Review and/or monitor network and system activity and analyze evidence of suspicious behavior to identify and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
Other related duties as assigned

Minimum Qualifications

Education
Bachelor's degree in Cybersecurity, Information Security, Information Technology or closely related field (i.e Computer Science, Systems Engineering, Electrical Engineering) or 7 years equivalent experience.

Experience:
Three (3+) or more years of progressively relevant professional or technical experience in cybersecurity and/or information security.

Knowledge Of:
Principles and practices of cybersecurity and information technology systems. Principles and practices of system security engineering, design, development, analysis, testing and security administration. Methods and techniques of evaluating security and privacy requirements and developing secure solutions for SMUD systems. Methods and techniques of developing data security, integrity, backup and recovery processes. Project management methodologies. Principles and practices of systems and procedures analysis and design. English composition and business writing and vocabulary standards; methods and techniques for report preparation and writing; methods and techniques for record keeping; modern office practices and procedures.

Skill To:
Problem solve, analytical and troubleshooting capabilities; ability to learn new skills quickly with minimal guidance; ability to achieve project schedules and milestones; work in a team environment with aggressive deadlines and multiple priorities while staying a team player; facilitation and presentation skills; strong verbal and written communication skills as well as strong interpersonal skills; ability to listen, learn, speak up, and mentor; attention to detail; skill to work with different groups and diverse projects as a partner; skill to perform privacy and/or security reviews including regulatory and industry assessments, risk analyses, information inventory and data mapping, vendor management security assessments, and additional privacy or cybersecurity compliance related projects.

Desirable Qualifications

Any of the skills of the other specialist (Engineering, Governance, Risk Management, Compliance) and OT Security experience to support a cross functional team concept.

Apply Here
After clicking on the button to apply above, you will leave Cyberlinx and go to the job application page (outside the site) for that company. Cyberlinx accepts no liability or responsibility as a consequence of any reliance upon information on their (external sites) or here. Cyberlinx does not own the logos from employers or jobs posts