Descripción de oficio
SOC Analyst Level II
Las Vegas, NV Al corriente: 1/29/2021
The primary responsibility of the Analyst II – Cyber Security is to monitor daily various cyber security appliances to identify events that require escalated analysis.
Essential Duties & Responsibilities
- Assist Analyst I – Cyber Security in monitoring reports from cyber devices to determine which reported items are valid
- Assist Analyst I – Cyber Security in analyzing valid items for actionable events
- Assist Analyst I – Cyber Security in escalating actionable events to appropriate analyst or engineer for further analysis
- Respond to items escalated to mid-tier
- Conduct advanced analysis of cyber security threats
- Scan for anomalies using cyber security tools
- Analyze and escalate appropriate items to Sr Analyst – Cyber Security
- Perform mid-tier forensics activities
- Review error conditions
- Document error conditions into ticketing system and escalate to the responsible Engineer
- Review & respond to system incidents
- Create metrics reports and/or automate reports for IT Compliance
- Perform maintenance on security equipment as needed
- Brief metrics collected to the department for various systems.
- Coordinate SIEM activities where applicable
- Write and maintain run books and topology / data flow drawings for each solution
- Conduct quarterly audits of baselines
- Analyze items escalated and determine further escalation and/or actions and next steps.
- Participate in the investigation of security violations and breaches - may prepare and present reports on intrusions as needed
- Create and provide reoccurring health reports for network and host-based security solutions
- 21 years of age.
- Proof of authorization to work in the United States
- Bachelor’s degree preferred or equivalent work experience
- Must be able to obtain and maintain a Nevada Gaming Control Board Registration and any other certification or license, as required by law or policy.
- Professional cyber related membership and certification required
- 2 – 5 years of experience in cyber technologies to include tuning appliances, hardening, and maintenance, analysis of cyber tool alerts and/or results, and tiered escalation or equivalent education in cyber or IT related fields.
- Experience or equivalent education/certifications in at least 2 of these areas:
- Automated log correlation
- IDS/IPS operation and reporting
- Web service cyber tools
- Scanning tools and reporting
- Forensic tools and analysis
- SIEM operations
- Gaming industry experience preferred
- Knowledge of metrics development and presentations
- Knowledge of privacy and data protection regulatory requirements
- Must be able to work varied shifts, including nights, weekends and holidays.