Cyber Security Operations Analyst Job at Comprehensive Resources INC, Boston, MA

  • Comprehensive Resources INC
  • Boston, MA

Job Description

Client: The Massachusetts Department of Transportation (MassDOT)

Role: Cyber Security Operations Analyst

Duration: 10 Months (Possible Extension)

Location: 10 Park Plaza, 8th floor, Boston, MA 02116

Work Schedule: Hybrid

Interview type: In-Person Interview

POSITION DESCRIPTION: 

The Massachusetts Department of Transportation (MassDOT) is actively hiring a Cyber Security Operations Analyst! Join a great team of cyber security professionals and help us deliver our mission, which is to protect the confidentiality, integrity, and availability of MassDOT's digital information and systems.

Cyber Security Operations is a key pillar of the MassDOT Information Security program, responsible for the deployment and tuning of security tools, threat-hunting, and Cyber Incident Response. Our Security Operations Team needs your help while we enhance our capabilities to keep pace with emerging threats.

The Cyber Security Operations Analyst will be a member of a 4-person team, reporting to the Director of Cyber Security Operations, and will work closely with the Chief Information Security Officer (CISO).

The ideal candidate is a self-starter with a passion for cyber threat hunting, can work in concert with a small team, and demonstrates strong written and verbal communication skills.

Sample Duties and Responsibilities:

Security Operations Response and Reporting:

Review and respond to Security Operations Center alerts.
Review and respond to Endpoint Detection and Response alerts.
Manage Identity alerts and respond to ServiceNow tickets.
Review daily reports, system-generated reports, and threat feeds for relevance or issues.

Splunk SIEM Logs Review and Improvement:

Configure alerts based on gaps in proactive and responsive measures.
Maintain a query repository for regular tasks and improve dashboard visibility across sources.
Ensure data hygiene and CIM compliance with the data model.

Threat Detection & Incident Response:

Conduct threat hunting by tracking common and novel techniques, tactics, Indicators of Compromise (IOCs), and applying measures for detected threats.
Utilize custom Indicators of Attack (IOAs) and EDR SOAR workflows for automated response and remediation.
Review network web proxy and firewall traffic to identify and address consistent abnormal or block events.

Monitoring & Visibility Recommendations:

Develop metrics dashboards for security tools.
Enhance network visibility across firewall and web proxy logs.
Provide recommendations for security improvements, including hardening and content blocking.

Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements.
Ensure controls are documented and functioning as intended.
Verify that infrastructure and applications adhere to MassDOT's information security policies and standards.
Audit, report, and maintain a log of all policy violations.

Vulnerability Assessment Responsibilities

Conduct vulnerability assessments of infrastructure and applications to identify and document gaps and risks.
Communicate identified gaps, risks, and vulnerabilities to customers.
Perform continuous monitoring and analyze the security posture related to infrastructure and applications.
Manage and address events in MassDOT's Security Information and Event Management (SIEM) system.
Monitor and respond to security alerts, including virus alerts, breach notifications, zero-day vulnerabilities, and trending threats.

Additional Responsibilities

Stay updated on information security issues, best practices, and regulatory changes affecting transportation and information security at both state and national levels.
Develop and recommend security solutions based on business needs, regulatory requirements, and industry best practices.
Understand risk management frameworks and apply them effectively.
Respond courteously and professionally to inquiries from customers, vendors, and colleagues.
Assist with emergencies and events as needed, which may include driving a company or personal vehicle.
Provide on-call support as necessary.
Perform other related duties and projects as assigned.
Provide deskside support to end users when necessary to gather evidence for an investigation, provide advice on safe computing practices, and to diagnose systems as SME for security tools, attack tactics & techniques, and forensic analysis.
Contribute to the continuous improvement of the MassDOT information security program.

Required:

Two plus (2+) years of training or practical experience in IT Operations
Two plus (2+) years of training or practical experience in cyber security operations
Strong work ethic, great time management, and highly inclusive team player
Effective verbal and written communicator, with excellent writing skills
Authorization to work indefinitely in the U.S.

Preferred:

Bachelor's degree or equivalent in Cyber/Information Security
Industry certifications such as CISSP
Previous experience on a Cyber Security Operations team in a large organization
