Sr. Security Operations Center (SOC) Analyst

JOB DESCRIPTION

**Job Summary:**

The Security Operations Center (SOC) Analyst is critical in safeguarding the State of Nebraska’s digital assets by actively monitoring, analyzing, and responding to security incidents. This position requires a keen understanding of cybersecurity principles, threat detection, incident response, and strong analytical skills to identify and mitigate security threats in real time. As a member of the Information Security Team, this is an in-person position that requires the person to be on call.

**Responsibilities:**

- Monitor and triage security alerts and events from various sources including SIEM, IDS/IPS, firewalls, and endpoint protection systems ,et al.
- Conduct in-depth analysis of security events to identify potential security incidents or breaches.
- Investigate and triage security alerts, determining the scope, impact, and severity of the threat.
- Aid in development and maintain standard operating procedures (SOPs) for incident detection, response, and escalation.
- Collaborate with cross-functional teams to resolve security incidents and implement appropriate countermeasures.
- Perform threat hunting activities to proactively identify and mitigate emerging threats.
- Maintain and update security tools and technologies to ensure optimal performance and effectiveness.
- Provide timely and accurate reports on security activities, trends, and metrics to leadership and stakeholders.
- Participate in security awareness training and education programs for staff members to enhance cybersecurity awareness and best practices.
- Stay current with industry trends, emerging threats, and security technologies to continuously improve SOC capabilities.

**Requirements:**

- Associates degree in Computer Science, Information Technology, Cybersecurity, or related field.
- Minimum of 2 years of experience working in a security operations center or similar role.
- An Associates degree is also accepted with a minimum of 4 years of experience.
- Strong understanding of cybersecurity principles, threat landscape, and attack vectors.
- Proficiency in using security tools such as SIEM, IDS/IPS, endpoint detection and response (EDR), and threat intelligence platforms.
- Experience with incident response procedures, including incident triage, containment, eradication, and recovery.
- Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).
- Excellent analytical and problem-solving skills, with the ability to analyze large datasets and identify anomalies.
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
- Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP) are helpful.
- Ability to work effectively in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents.
- Must be able to pass background checks and employment screenings.