Urgent Backfill Position
DirectClient: Texas Health and Human Services Commission(HHSC)
Solicitation#529210065C
Title: Network Security Analyst
Location: Winters Complex 701 W 51st Austin, TX 78751
Duration: Until 8/31/2022 with possible extension to 8/31/2023
Disclaimer: The selected candidate will be required to come in person to Austin to obtain equipment, badge and initial assignments. The candidate will be required to work in person 2 days a week and remote 3 days a week.
DESCRIPTION OF SERVICES:
A network security analyst ensures that information systems and computer networks are secure. This includes protecting the company against hackers and cyber-attacks, as well as monitoring network traffic and server logs for activity that seems unusual. Additionally, these analysts are responsible for finding vulnerabilities in the computer networks and creating recommendations for how to minimize these vulnerabilities. The network security analyst investigates security breaches, develops strategies for any security issues that arise, and utilizes the help of firewalls and antivirus software to maintain security.
CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Years Required/Preferred Experience
5 Required Implementing and supporting security platforms related to: Security Orchestration Automation & Response (SOAR), Security Information Event Management (SIEM), and User & Entity Behavior Analytics (UEBA).
5 Required Develop, deploy and tune SIEM content such as correlation rules, dashboards, reports and models.
5 Required Create and maintain documentation related to DLP solutions; this may include conceptual, logical, and physical diagrams; new environment design documents; procedural documents; job aids; write ups on technical capabilities and solution configurations;
5 Required Help deliver on DLP program objectives, implement DLP controls, define standards and policies to protect HHS. Assess, report on, and make recommendations regarding current and proposed architectures, strategies, and systems in the DLP space.
5 Required Serving as technical SME to support the Microsoft Defender EDR platform. Developing use cases, threat detection logic and rules, and alerting in Defender EDR platform for response by Incident Detection & Response analysts.
5 Required Operationalizing Indicators of Compromise from intelligence feeds by developing, testing, deploying, monitoring and alerting rules into Defender EDR Platform.
5 Required Develop and implement SOC and IR systems integrations through automation and orchestration including API, PowerShell, and Python
5 Required Develop and implement new SOC and IR playbooks for alert enrichment and triage, and threat hunting.
5 Preferred Expertise with Data Loss Prevention, Data Protection, or Insider Threat security programs.
5 Preferred Experience deploying and maintaining DLP and endpoint security controls.
5 Preferred Experience with deployment, configuration, or maintenance to support Enterprise EDR Solutions.
5 Preferred Experience with SIEM, Threat Intelligence, and SOAR platforms highly desired.
5 Preferred Ability to integrate data sources from a Cybersecurity standpoint into a SIEM/Splunk/SOAR environment is highly desired.
5 Preferred Shift flexibility, including the ability to provide on call support (24/7) when needed