Cyber Sec Analyst Sr - Military veterans preferred



  full-time   employee

Santa Ana
United States



This position will be an asset of the 24/7 Security Operations Center (SOC) monitoring and incident detection team. The candidate must have professional experience in cybersecurity, information risk management, or information systems risk assessment in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC). Additionally, the candidate must be knowledgeable in vulnerability assessments, intrusion prevention and detection, access control and authorization, policy enforcement, application security, protocol analysis, firewall management, incident response, data loss prevention, encryption, two‐factor authentication, web‐filtering, and advanced threat protection.

Job Specific Responsibilities:
  • Monitor the networks for malicious activity using Security Incident and Event Management (SIEM) toolsets. This will include responding to and investigating alerts, the development of new security monitoring use cases, and ensuring all investigative activity is properly documented in our ticketing systems and followed up with relevant support teams.
  • Triage issues escalated to the information security team, and ensure that appropriate follow-up actions are taken by the SOC.
  • Take responsibility for adhering to SOC documentation and processes.
  • Take responsibility for monitoring intelligence sources for potential threats and ensure appropriate defensive actions are taken with respect to these.
  • Take responsibility for running vulnerability scans against EROS infrastructure, interpreting these and following up issues with relevant support team.
  • Highly motivated individual with a genuine enthusiasm for information security and technology;
  • Willingness to work shifts (including unsociable hours and holidays where these fall into your shift pattern) as part of a 24x7 team.
  • Sound understanding of information security principles and best practices;
  • Good infrastructure and technology experience including demonstrable understanding of security operations;
  • Good communication skills both written and verbal;
  • Good knowledge of security issues inherent in common corporate environments;
  • Ability to prioritize workloads and to know when to seek guidance.
•             LogRhythm
•             ServiceNow
•             Nessus

•             Microsoft Exchange Online Protection

•             Sourcefire
•             Zscaler

•             McAfee Data Loss Prevention


TYPICAL EDUCATION AND EXPERIENCE: Bachelors and five (5) years or more experience; Masters and three years related experience. 

Bachelor degree in Computer Science, Engineering, Information Technology, Cybersecurity or related field or a minimum of two years of experience in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Must be able to meet all Law & Justice and departmental clearance requirements prior to starting work and be eligible to pass law enforcement level background investigations and obtain U.S. SECRET (or similar) clearances as required.
Demonstrated Experience with Cyber Security Monitoring and Detection including experience in at least two of the following areas:
(a) Vulnerability Assessment;
(b) Intrusion Prevention and Detection;
(c) Access Control and Authorization;
(d) Policy Enforcement;
(e) Application Security;
(f) Protocol Analysis;
(g) Firewall Management;
(h) Incident Response;
(i) Encryption;
(j) Web‐filtering;
(k) Advanced Threat Protection
  • 2 years of Information Security experience
  • Information Security Certification such as: Security+, CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM
  • Experience monitoring services across multiple platforms
  • Ability to work independently and manage one’s time to meet commitments and expectations
  • Ability to remain organized and adapt to unexpected events, new facts, and rapidly changing circumstances
  • Ability to thrive in a sense-of-urgency environment and leverage best practices
  • Ability to effectively diagnose an issue and recommend a solution
  • Ability to be flexible and focused to deliver products with different priorities and timelines
  • Ability to build and maintain effective relationships with team members, customers, and external groups, as well as working in a collaborative environment



Desired Qualifications



Certified Information Systems Security Professional (CISSP)
Experience in Information Assurance Policy and Guidelines
NIST Special Publication 800-53
NIST Cybersecurity Framewor
ITIL® Foundation Level or higher Certification