Requisition Number: S549P

Office of Information Technology

Job Summary       

Under general direction and supervision, the SOC Analyst will be responsible for the all Tier 1 and lower-level Tier 2 task in the Security Operations Center (SOC). The task can range from various proactive, reactive, and support services in collaboration with the Cybersecurity team. The primary task will be to monitor activity and properly respond to malicious activity based on playbooks and the Incident Response Plan. Other duties may involve a range of activities as needed – such as threat hunting, testing playbooks, and assisting with various cybersecurity activities.

Essential Functions              

1. Investigate triaged events and incidents using SIEM technologies, Endpoint Detection and Response platforms, and various cybersecurity tools.
2. Analyze, escalate, and assist in remediation of critical in-formation security incidents.
3. Support Incident Response Plan through Tier one support of activities surrounding following the PICERL model; Preparation, Identification, Containment, Eradication, Recovery & Lessons Learned.
4. Assists in enforcing and auditing information security policies and procedures such as access, breach escalation, use of firewalls and encryption routines.
5. Assists in updating, maintaining, and documenting security controls. Provides direction and support to clients and internal IT groups for information security-related issues.
6. Performs administration duties of varied server technologies, enterprise systems and peripheral devices, network and security devices, and all desktop computer systems and peripherals within the last five years on market.
7. Assists in performing high-level analysis of complex and disparate computing systems, networks, and data architectures to identify, rectify, and prevent technical and information security vulnerabilities.
8. Performs work on critical automated processes, computer systems, networks, databases, information systems, telecommunication systems, and computer policies, procedures, and practices.
9. Demonstrates high-level technical skills in the areas of in-formation security, networking and computer systems, and excellent capacity for grasping relevant details and complex systems analysis.
10. Performs other related duties as assigned by the supervisor.

Minimum Education and Experience

Education Level                      Bachelor’s degree from an accredited institution

Field of Study                          No specific discipline.

Years of Experience              3+ based on combination of experience and education. See below.

Area of Experience               Relevant IT experience in administering security measures to monitor and protect sensitive data and systems from infiltration and cyber attacks.

Alternate Minimum Education and Experience (If available)   

Education Level   

• High School Diploma - 11 year’s experience required
• Associate’s Degree - 7 year’s experience required
• Bachelor’s Degree - 3 year’s experience required

Minimum Skills and Abilities             

Applicant must have a four-year bachelor’s degree, preferably in an IT or related field and three or more years of relevant IT experience in administering security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.

If an applicant does not have a college degree, the following substitutions will be acceptable: High School diploma and 11 or more years of IT experience explained above or Associate’s Degree and 7 or more years of relevant experience.

1. General technical skills, includes TCP/IP knowledge, SIEM, networking and security product experience, and ticket-management systems.
2. Strong analytical and problem-solving skills, and works well in a team environment, and willingness to acquire in-depth knowledge of network- and host security technologies and products continuously improve these skills.
3. Knowledge of intermediate troubleshooting, client relations, and cybersecurity principles. Ability to implement a plan to address and mitigate security vulnerabilities. Ability to recognize, analyze, and solve a variety of problems. Ability to communicate technical concepts to a non-technical audience.

Desired Qualifications         

1. No certification required; however, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC (SANS), or ISC (2) preferred.
2. Network Event Analysis, Threat Analysis, and/or Intelligence Analysis
3. Basic experience with the following Operating Systems is recommended but not required: Linux distributions (Ubuntu, Kali Linux, Debian), iOS (current versions), Android OS (current versions), macOS (current versions)

Salary Range: $59,700 - $89,600

Quick Link:  https://www.auemployment.com/postings/20637

AUBURN UNIVERSITY IS AN AFFIRMATIVE ACTION/EQUAL OPPORTUNITY EMPLOYER. It is our policy to provide equal employment opportunities for all individuals without regard to race, sex, religion, color, national origin, age, disability, protected veteran status, genetic information, sexual orientation, gender identity, or any other classification protected by applicable law.