Sr. Business Sme Soc 2 Vulnerability Mgmt

Augusta, ME, United States

Job Description




JOB TITLE: Security Operations Center Analyst II - Vulnerability Management and Testing

The Security Operations Center Analyst II serves as a vital member of the Security Operations Center within the MaineIT Information Security Office, performing continuous monitoring of critical systems for the State of Maine. The candidate will be a member of a team focused on vulnerability management, testing of applications and web applications, and other endpoint security and incident response activities. The candidate must be knowledgeable about how the products and processes fit into the broader Security Program and generally understand information security concepts, methods to combat emerging threats, and adversary Tactics, Techniques, and Procedures. The candidate will be primarily responsible for Tier II level SOC Analyst duties with our Vulnerability Management and Testing group, with an opportunity to participate in our Endpoint Security and Incident Response processes as needed to meet the operational requirements and goals of the SOC. The Information Security Office SOC, located in Augusta, Maine, provides 24x7 security monitoring support and requires the position to participate in an on-call rotation. Work is performed under limited supervision.

Representative Tasks:

  • Understanding of Vulnerability Management in an enterprise environment.
  • Understanding of Application testing to include Web Applications.
  • Understanding of industry scanning tools to include HCL AppScan, Burp Suite, and Ready API.
  • Understanding of detection and response, antivirus, and other endpoint security topics based on industry best practices.
  • Understanding of detection and response, antivirus, and other endpoint security product features to effectively use the tools to monitor security threats and to engage in endpoint investigations and incident response activities.
  • Understanding of or familiarity with OWASP Top 10 Vulnerabilities and Threat models such as STRIDE, PASTA, DREAD.
  • Understanding of threat hunting methodologies and of various tactics, techniques, and procedures used by threat actors.
  • Ability to work independently and with a team in meeting organizational goals and objectives.
  • Ability to effectively work with members of the SOC and other MaineIT teams to document policies and processes, and to provide analysis reports as required.
  • Ability to recognize common attack vectors such as unsupported software, non-secure source code, malware, command and control activity (C2), worms, trojans, and viruses.
  • Knowledge in designing, implementing, administering, and troubleshooting configurations to strengthen protections, minimize gaps, and improve
  • Knowledge in client device management and vulnerability management identification and remediation.

Required Skills and Experience, and Relevant Education:

  • Five years of information security experience, with a focus on Vulnerability Management and Application scanning, Incident Response, and Endpoint Security within an enterprise environment. The ideal candidate will have knowledge of Windows and Linux systems and their associated scripting languages, experience with AWS or Azure cloud environments, and will have worked with endpoint security platforms such as Microsoft Defender for Endpoint, FireEye, CrowdStrike, McAfee, or similar, and with vulnerability testing products such as Windows Defender TVM, Tenable Nessus, Rapid7 InsightVM, Qualys, or similar. Experience with any of the popular SIEM platforms is also desired (Splunk, Azure Sentinel, Sumo Logic, LogRhythm, Elasticsearch, etc.).
  • A four-year college degree in computer science or a related field, with advanced study preferred; one or more relevant technical security certifications are a plus (GIAC, ISC2, CompTIA, EC-Council, etc.).

iCST


Job Detail

  • Job Id
    JD4329102
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Augusta, ME, United States
  • Education
    Not mentioned