Security Operations Center Analyst

Security Operations Center Analyst

Harrisburg, PA (Hybrid 1 day in office per week)

6 Month Right to Hire

JOB PURPOSE AND SUMMARY
This SOC Analyst position is responsible for managing and enhancing the Security Operations Center (SOC) within the Enterprise Security Office (ESO). This role involves continuous monitoring, analysis, and reporting of security tools, including firewalls, intrusion prevention systems (IPS), data loss prevention (DLP), and endpoint detection and response (EDR). The analyst will conduct vulnerability and risk assessments, investigate and coordinate responses to security incidents, perform internal security reviews, and correlate logs across multiple systems to detect and mitigate threats.

1. Develop, implement, and refine SOC processes, procedures, and response playbooks to improve detection, response, and mitigation capabilities in both on-prem and cloud environments.
2. Identify and recommend enhancements to SOC tools, workflows, and automation for increased efficiency, with a focus on AWS-native security services.
3. Establish and maintain strong relationships with internal and external stakeholders to ensure SOC alignment with business and security priorities.
4. Monitor, analyze, and respond to security events from AWS security services such as AWS Security Hub, Guard Duty, AWS Config, CloudTrail, and IAM Access Analyzer.
5. Investigate and remediate security incidents in AWS, leveraging AWS-native security controls, forensic capabilities, and automation.
6. Prepare and distribute emerging threat intelligence reports, providing actionable insights to agency stakeholders, with a focus on cloud-based threats.
7. Support compliance efforts by ensuring SOC activities align with AWS security frameworks, such as AWS Well-Architected Framework and regulatory standards (e.g., NIST, CIS, FedRAMP).
8. Participate in security awareness initiatives by providing insights on cloud-specific security threats and best practices.
9. Perform continuous monitoring of security solutions to detect, analyze, and respond to potential threats and vulnerabilities.
10. Proactively collect, correlate, and analyze security data to detect unauthorized access attempts or suspicious activities.
11. Evaluate and assess security events based on exploit and vulnerability intelligence, determining severity and appropriate response actions.
12. Investigate security incidents by conducting forensic analysis, gathering relevant documentation, and escalating as necessary.
13. Monitor, triage, and analyze alerts from security platforms (e.g., SIEM, AWS Security Hub, Microsoft Defender for Endpoint, Trend Micro Vision One).
14. Collaborate with internal teams to implement and refine security controls to meet evolving security requirements.
15. Conduct self-assessments of security controls to evaluate their effectiveness and identify areas for improvement.

EDUCATION AND EXPERIENCE

Minimum qualifications: Bachelor's degree in Computer Science or a related field with two to five years of experience in information security administration or the equivalent combination of skills, experience, and certifications.

• Proficient understanding of security principles, risk assessment policies and standards, information security best practices, products and technologies, defense strategies, and network technologies.
• Demonstrated solid analytical, critical thinking, and organizational skills.
• Knowledge of the National Institute of Standards and Technology (NIST) security controls family and guidance to include NIST SP800-53.
• Experience with various operating systems with a focus on Microsoft Windows and Linux/Unix.
• Effective skills with time management, prioritization, and attention to detail.
• Possess a high level of integrity and ethics.
• Proficient use of Microsoft Office suite.

While others say it, we do it: we care. We have great people and we do great work. Just as importantly, we have great relationships with an impressive clientele. Over 1,000 talented, diverse, and career-minded professionals are carving out their role and experiencing a good mix of challenges and opportunities – and we're rooting for them along the way, every day.

Mindteck is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, status as a qualified individual with a disability, or any other trait protected by law.