About ARSIEM Corporation
At ARSIEM Corporation we are committed to fostering a proven and trusted partnership with our government clients. We provide support to multiple agencies across the United States Government. ARSIEM has an experienced workforce of qualified professionals committed to providing the best possible support.
As demand increases, ARSIEM continues to provide reliable and cutting-edge technical solutions at the best value to our clients. That means a career packed with opportunities to grow and the ability to have an impact on every client you work with.
ARSIEM is looking for a motivated individual for an Incident Handler Tier 1 position offering on-the-job training (JOT) on cybersecurity incident response processes, procedures, and remediation practices. This is a great opportunity to work in a Cyber Security Operations Center (CSOC) and gain experience with cyber tools such as SIEM, Endpoint Protection, Network Access Controller, Cloud security, Vulnerability scanning, and additional proof of concept technologies. This position will support one of our government clients in Monterey, CA.
Responsibilities
- Use the SIEM tool to receive security alerts, perform initial investigations, and provide damage assessments based on findings
- Review the latest alerts/events from various sensors to determine relevancy and urgency.
- Enrich incidents with open source and/or other sources of information to handle incidents accurately.
- Appropriately document all alerts/incidents in the approved ticketing system.
- Analyze and elevate as appropriate for IHT2 review.
- Preserve evidence integrity according to CSOC standard operating procedures or national standards.
- Monitor network activity using cybersecurity tools to protect against malware. (Endpoint protection, restrict/prevent external devices, spam filters, Network access controllers, ACLs)
- Recognize and categorize types of vulnerabilities and associated attacks (threat hunting and sharing)
- Use CSOC security tools to Identify, capture, contain, and report on malware-related activity
- Provide feedback to improve techniques and procedures used for detecting host and network-based intrusions
- Use CSOC SOPs/procedures and suggest recommendations to fine-tune these processes to Tier 2 analyst
- Handle incident handling tasks from Tier 2 analysts, CSOC manager and leadership
- Handle other tasks that a Tier 1 level of experience and talent can complete.
- Under supervision, may manage and configure security monitoring tools (SIEM, IDS, Firewall, Access Control Lists, etc.) to mitigate existing threats/vulnerabilities.
Minimum Qualifications
- Minimum of one (1) year of professional experience in ANY of the following: network or UNIX/Linux system administration, software engineering, software development, AND/OR a bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, OR related field.
- Certification: Sec+
- Must obtain one of the following certificates within 6 months of hire date: CompTIA CySA+, EC-Council CEH, GIAC GCIA, Microsoft AZ 900, Palo Alto Networks PCCET, Splunk Core Certified Advanced Power User
Clearance Requirement: This position requires an active Secret clearance. You must be a US Citizen for consideration.
Candidate Referral: Do you know someone who would be GREAT at this role? If you do, ARSIEM has a way for you to earn a bonus through our referral program for persons presenting NEW (not in our resume database) candidates who are successfully placed on one of our projects. The bonus for this position is $3,500, and the referrer is eligible to receive the sum for any applicant we place within 12 months of referral. The bonus is paid after the referred employee reaches 6 months of employment.
ARSIEM is proud to be an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.