We currently have a vacancy for a Security Operations Center (SOC) Analyst on the Security Operations Center team of the Information Security and Privacy Office (ISPO) division in the ITS department. The ISPO provides strategic oversight, direction, and coordination for the City of Phoenix’s information security and privacy programs. Currently, the SOC Senior Analyst reports directly to the Security Operations Manager and joins a growing SOC team. The SOC Analyst is a critical member of the SOC who performs event analysis, escalation, response, remediation, and reporting.
KEY JOB DUTIES
• Provide response and remediation to escalated endpoint, email, network, and cloud-based threats.
• Identify advanced security vulnerabilities and attack techniques.
• Perform incident response for enterprise incidents.
• Detect weaknesses in networks and software utilizing prescribed tools, and coordinate mitigation strategies with stakeholders.
• Write and maintain IR procedures and SOC playbooks.
• Mentor other SOC analysts.
IDEAL CANDIDATE
• Direct experience in security operations center work, network analysis, threat analysis, and/or intelligence analysis.
• A comprehensive understanding of vulnerability management and the operational requirements thereof.
• Direct experience in endpoint management (AV, scripting, patching, monitoring, etc.).
• Proficiency using scripting language tools.
• Direct experience with vulnerability management and threat prioritization tools.
• Direct experience with authentication in identity & access management, network application, database, and cloud security.
• Demonstrated knowledge of incident response methodologies and reporting.
• Direct experience in using ticketing systems for tracking.
• Knowledge of information security attack methods and techniques.
• Knowledge of the TCP/IP protocol suite, security architecture, and enterprise techniques/products, and the CIA triad.
• Knowledge and understanding of information technology industry trends and emerging technologies.
• Familiarity with State of AZ breach laws and requirements, IT Regulations, PCI, HIPAA, CJI, and other regulated data and privacy laws and standards.
PREFERRED QUALIFICATIONS – The minimum qualifications listed above, plus:
• Direct work experience as a security, systems, or network administrator.
• Experience using ticketing systems for tracking.
• Cybersecurity certifications: GCIA, GCIH, GPEN, GCFE, EnCE, CCNA Cyber Operations.