3 months ago
The Tier 1 CSARC (Cyber Security Analysis & Response Center) Analyst is responsible for the detailed and repeatable execution of all daily operational tasks as documented in processes and procedures. Specifically, the Tier 1 Analyst will be responsible for timely review, monitoring and research of the CSARC Main Channel for security events, then documenting, closing and/or escalating those events as necessary. Tier 1 analysts will maintain the group email address and distribution lists, answer CSARC main phone lines, and update all relevant documentation such as shift logs and tickets.
Duties and Responsibilities
* Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available CSARC log sources.
* Monitor incoming event queues for potential security incidents per operational procedures.
* Perform initial investigation and triage of potential incidents, and escalate or close events as applicable.
* Monitor CSARC ticket (and email) queue for potential event reporting from outside entities and individual users.
* Maintain CSARC shift logs with relevant activity from your shift.
* Document investigation results, ensuring relevant details are passed to Tier 2 for final event analysis.
* Update/reference CSARC collaboration tool as necessary for changes to process and procedure, ingestion of daily intelligence reports, and previous shift logs.
* Collaborate with other CSARC teams on security research and intelligence gathering.
* 4 years of Information Technology related experience.
* 1+ years of Information Security related experience.
* Experience monitoring services across multiple platforms.
* Aptitude in solving problems independently.
* Strong verbal and written communications.
* Sound decision-making ability.
* Availability to work a flexible schedule including nights and weekends; CSARC is 24x7x365 environment.
* Shifts available: Sun-Wed or Wed-Sun; Swing & Graveyard shifts.
* Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude.
* Works well both in a team environment and independently.
* Information Security Certification such as: Security+, CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM.
* New college graduates will be considered.
Additional Locations: None
Requisition ID: 17131
Nearest Major Market: Phoenix
Information Security, Technology