The ISD Cyber Security Sector is responsible for monitoring and protecting Laboratory information systems. The sector operates and maintains computer network defense (CND) tools and data sources (network and host level) in support of incident response and mitigation processes. Services include briefings to management, advising them of issues that may affect the Laboratory's security posture. The sector also conducts vulnerability assessment scanning at the network, system, and application levels, and coordinates mitigations and communications to the Laboratory community.Job Description The Cyber Security Analyst position will be a member of multiple Security Operations Center (SOC) teams where they will perform daily SOC operations and serve on specialized teams which threat hunt, manage vulnerabilities, and work to standardize SOC functions through playbook development, data analysis & reporting, and through the management of tools. While the SOC has a tiered structure, job rotation and cross training are key to the analysts ?? success. The primary function, in this context, is to bring experience and talent to the position such that you can help drive the rapid tempo of the environment. During an interview you may be asked to demonstrate skills in threat hunting, vulnerability management, SIEM / SOAR tools, basic engineering or engage in a discussion on malware analysis. It isn ??t expected that you have mastered all of these skills, but can demonstrate sounding thinking in how you would approach them and some familiarity with the skills and techniques involved. Required:4+ years ?? experience in the information security technology field; preferably a BS in an IT related field of studyStrong familiarity with operating system diagnostics, network design and troubleshooting, and how to diagnose security controls and logs for evidence and indicators of compromise.Good understanding of vulnerabilities, how vulnerabilities are detected and mitigated, how to rate the risk associated with an emerging vulnerability.Basic threat management and how to do research across multiple sources to correlate and provide accurate scope to identify, contain, eradicate and recover from a security incident.Ability to obtain and maintain a government security clearance. Preferred:Demonstrated ability to achieve ongoing educational training. While a SANS, (ISC)2, or ISACA certification is not required, most candidates will have gone through this or similar processes in order to achieve their commitment to ongoing training.Demonstrated ability to create and contribute to teams in a collaborative and constructive manner. OTHER:Occasional off hour / on duty support is necessary.Occasional travel for meetings and training is likely. ( MIT Lincoln Laboratory is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; U.S. citizenship is required.
Associated topics: cybersecurity, identity, identity access management, idm, information assurance, information security, information technology security, malicious, security officer, vulnerability
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.