Cybersecurity Technician I

Position Summary:The Cybersecurity Technician, specializing in SIEM operations, plays a critical role in proactive alert investigation and incident response assistance. Operating primarily within the Security Information and Event Management (SIEM) platform, they continuously monitor and analyze security logs and alerts, identifying anomalies and potential security breaches. This technician investigates generated alerts, correlating events and contextualizing data to determine the severity and scope of potential alerts to determine whether they are a true or false positive. They are responsible for escalating critical findings to senior analysts or incident response teams. This role demands a keen analytical mind, a strong understanding of security principles, and the ability to quickly assess and respond to emerging threats in a dynamic environment.

The cybersecurity department operates 24/7. A variety of shifts are available to ensure coverage including 1, 2, and 3 shifts and weekends.

Responsibilities

This role is critical in providing initial support related to security alerts, ensuring customer information is protected, and facilitating the proper response to cybersecurity incidents. Here's a structured breakdown of the responsibilities mentioned:

Security Alert Management

• Put on your detective hat and investigate potential security threats.
• Escalate issues to higher-level support when necessary.

Customer Interaction

• Assess and understand customer cybersecurity support needs effectively.

Procedure Adherence

• Implement cybersecurity principles rigorously to safeguard customer information
• Ensure compliance with all Trapp and ArmorPoint policies and procedures

Incident Response

• Review alerts and collect data for incident response for further investigation
• Assist in facilitating forensic analysis as needed.

Threat Research

• Research emerging threats and vulnerabilities to improve incident identification
• Stay informed to the latest cybersecurity trends and challenges

Performance Metrics

• Optimize response times and close alerts efficiently to meet time-close requirements

Continued Professional Development

• Participate in internal meetings and mandatory training sessions
• Stay updated on industry best practices and emerging technologies

Other

• Maintain a professional demeanor at all times
• Uphold the integrity of the organization and its policies
• Other duties as assigned

Qualifications and Skills

Education Background:

• High School Diploma or GED equivalent (required)
• Bachelor’s degree in computer science or a related field is preferred

Experience:

• Minimum of two years of cybersecurity or IT experience (required)

Technical Skills:

• Typing speed of at least 30 words per minute
• Sec+ is highly preferred
• CySA+, A+, Net+ are a plus

Soft Skills:

• Exceptional listening skills
• Clear and succinct communication abilities
• Capability to compose grammatically correct and concise documentation
• Good troubleshooting skills with the ability to isolate and resolve issues quickly
• Enhanced ability to interpret customers’ descriptions of problems and summarize interactions

Necessary Experience

• Minimum of 2 years of experience in a cybersecurity or IT role.
• Experience in an organization with a strong emphasis on security practices is preferred.
• Security+ certification is highly preferred. Additional certifications such as CySA+, a+, Net+ are a plus