SOC Analyst I
Who is Epsilon:
Epsilon is an IT Services company that was founded in 2009 and has become an established leader in providing Information Technology services to both Federal Government and Commercial businesses across the United States. Epsilon is known for its solution-focused and innovative approach, aligning technology systems, tools, and processes with the missions and objectives of its customers.
Epsilon's headquarters are in Weaverville, NC with other corporate offices in Greenville, SC, Crystal City, VA, and Denver, CO. We have employees in 30+ States across the U.S.
Why work for Epsilon:
In joining Epsilon's team, you will have the opportunity to contribute to Epsilon's business and customer initiatives, as well as influence our brand culture through people interaction and technology advancements.
Epsilon invests in our employees by promoting from within and enabling employees to elevate their knowledge and skill set in their profession by allocating $3,000 annually in Professional Development funds. We also offer competitive pay, comprehensive benefits through one of the largest national carriers, Paid Time Off (PTO) that increases with tenure and has a generous rollover, 11 company paid Holidays, and 401(k) with immediate contribution.
Where you'll work:
You will be working onsite at SOC's Monterey, CA location.
Our Customer's Mission :
The Security Operations Center (SOC) is responsible for the overall security of enterprise-wide information systems and networks. The SOC's objectives are to protect, detect, respond, and recover from information security (IS) threats to the enterprise and associated systems. The SOC is chartered to prevent, detect, contain, and eradicate cyber threats through monitoring, intrusion detection, and protective security services to information systems. The SOC also conducts vulnerability assessments, analyzes cyber threats, monitors the email gateway, and collects information on and investigates and reports on all confirmed or suspected security incidents.
An average day:
As SOC Analyst I, you will provide tier I cybersecurity support in a SOC environment by tracking and reporting cyber security threats, events, and incidents. This role will be expected to perform threat analysis and investigate security incidents. In the event of an incident, you will be expected to identify the source of the incident, determine the scope of the incident, and assess the impact of the incident. This position is responsible for providing initial response and containment measures, as well as escalating incidents to higher tiers if necessary. This position will report to the Incident Handler Principle and work closely with other Tier I and Tier II personnel to effectively and efficiently provide optimum service to our customers. In this position you will:
Use intrusion detection technologies to apply techniques for identifying host and network-based intrusions.
Create, update, and resolve incident tickets that have been tasked to Tier I and appropriately document all alerts and incidents in the ticketing system.
Create new incident tickets for alerts that signal an incident requiring escalation for Tier 2 review.
Identify, capture, contain, and report malware to protect networks (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Recognize and categorize types of vulnerabilities and associated attacks.
Utilize the SOC standard operating procedures (SOP) to perform daily tasks, resolve incidents and preserve evidence integrity. May provide input for and assist with updating procedures.
Perform damage assessments, secure network communications and use security event correlation tools.
Utilize the SOC checklist when reviewing the latest alerts and events from various SOC sensors to determine relevancy and urgency.
Review open source and other sources of information to identify events that should be transitioned into the incident response process.
Under supervision, may manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats and vulnerabilities.
May assist with the design of incident response for cloud service models.
Basic Qualifications:
As a requirement of this position, all candidates must be a U.S. Citizen. In accordance with 8 U.S.C. 1324b(a)(2)(C) , Epsilon will not consider candidates for this position who do not meet the aforementioned conditions.
Must hold at least one certification as required by Dept. of Defense (DoD) 8570.01-M and Department of Defense Directive 8140.01, IAT Level II or Higher OR have the ability to obtain within 6 months of hire.
Must hold at least one of the following certifications or have the ability to obtain within 6 months of hire: CompTIA CySA+, EC-Council CEH, GIAC GCIA, Microsoft AZ 900, Palo Alto Networks PCCET, or Splunk Core Certified Advanced Power User
Must have a minimum of one (1) year of professional experience in network, UNIX/Linux system administration, software engineering, or software development.
Will accept a bachelor's degree in computer science, engineering, information technology, cybersecurity, or related field in place of the 1 year of experience.
Knowledge of or experience with some of the following:
Computer networking concepts, OSI model, and network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services, and network security methodologies.
Host/network access control mechanisms (e.g., access control list, capabilities lists).
Network traffic analysis methods an packet-level analysis.
Cyber threats and vulnerabilities; cyber-attack stages, classes of attacks and attackers; cyber defense and information security policies, procedures, and regulations.
Incident response and handling methodologies, incident categories, and timelines for responses.
Intrusion detection methodologies and techniques for detecting host and network-based intrusions.
Malware analysis concepts and methodologies.
System administration, network, and operating system hardening techniques as well as data backup and recovery.
Proficient in at least one programming language.
Working understanding of computer forensic techniques and methodologies.
Experience with the following is ideal: JIRA (Atlassian issue tracking system), Palo Alto Firewall, SNORT IDS, AlienVault SIEM, Barracuda Mail Spam / Virus Firewall, and HBSS
Understanding of risk management processes preferred (e.g., methods for assessing and mitigating risk).
Some experience working with various security methodologies and processes is preferred.
Knowledge and experience configuring and implementing a diverse array of technical security solutions is preferred.
Experience providing analysis and trending of security log data from a large number of heterogeneous security devices is preferred.
Other Requirements:
Must hold an active DOD Interim Secret or Secret Clearance
This team operates in a 24/7 shift environment. The SOC Analyst I will provide support Monday - Thursday, 6:45am - 5:15pm PST.
Physical Demands and Working Conditions:
Listed below are the physical or mental requirements necessary for the job's performance. Reasonable accommodation may be made to enable individuals with disabilities to perform essential job functions:
Prolonged periods of computer desk work.
Dexterity of hands and fingers to operate a computer keyboard and other computer components.
Speaking and hearing are sufficient to converse and understand conversations, both in-person, telephone, and virtual meetings.
The cognitive skills needed to complete tasks, including abilities such as learning, remembering, focusing, categorizing, and integrating information for decision-making, problem-solving, and comprehending.
Ability to learn new tasks, remember processes, maintain focus, complete tasks independently, make timely decisions in the context of a workflow, and the ability to communicate with managers and co-workers.
Mental aptitude to respond appropriately in high-pressure situations or deadline-driven environments.
Maintain a professional emotional response when working with others.
Connect directly with your dedicated recruiter, Jeannine, on Epsilon's careers page.
www.epsilon-inc.com/careers
Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
Please click here (https://www.eeoc.gov/sites/default/files/2023-06/22-088 EEOC KnowYourRights6.12ScreenRdr.pdf) to review your rights under EEO policy.
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email careers@epsilon-inc.com .
#LI-JW1 #LI-ONSITE
S:WWSKMED GPSMALLB