FreshRemote.Work

Cybersecurity Operations Analyst

Remote (United States)

Please review the job details below.

Maxar Intelligence is a provider of secure, precise, geospatial intelligence. We deliver disruptive value to government and commercial customers to help them monitor, understand and navigate our changing planet. Our unique approach combines decades of deep mission understanding and a proven commercial and defense foundation to deploy solutions and deliver insights with unrivaled speed, scale and cost-effectiveness. This position can be performed remotely within the United States.

The Maxar Cybersecurity team is seeking an experienced Cybersecurity Operations Analyst who will provide ongoing support for the Cybersecurity Operations Center (CSOC) in the areas of incident response and investigation. This person will be responsible for providing initial, front-line analysis and resolution of security alerts generated by the SIEM and other monitoring solutions.

Primary Duties and Responsibilities

  • Monitor security tools and provide appropriate remediation response when necessary.
  • Escalate security events as needed and/or driven by process.
  • Perform and/or coordinate information gathering and analysis that will be provided to Maxar IT teams responsible for clearing actions.
  • Interact with MDR analysts to conduct triage and analysis of real-time data feeds and alerts to detect potential intrusions.
  • Work with Cybersecurity Engineering resources to correct issues with log source generation and security tools, and to build out automation runbooks.
  • Implement changes to the technologies required, including inclusion of log sources/types and changes to alerts.
  • Work directly with Threat Intelligence and Hunting team members to ensure the identification and awareness of potential threats.
  • Collaborate and support the vulnerability management team in identification and awareness of zero-day vulnerabilities.
  • Participate in Incident Response activities.

Required Qualifications

  • Must be a U.S. Citizen
  • Must be able and willing to obtain a secret security clearance
  • 2+ years' experience working in a Security Operations Center environment.
  • 5+ years' experience working in a Cybersecurity Role.
  • Experience with a wide range of cybersecurity technologies including SIEM, EDR, Perimeter Email Protection, SOAR, and others.

Preferred Qualifications

  • A bachelor's degree in science is preferred, with a focus on Information Security.
  • CySA+, CISSP or equivalent cybersecurity certification
  • Ability and willingness to share on-call responsibilities, work non-standard hours, and aid cybersecurity investigations.
  • General network and system/application architecture/administration principles
  • General knowledge of monitoring system architecture maintained by Cybersecurity such as SIEM and Log Management architecture.
  • Understanding of current trends in attacker and threat actor tools, techniques, and procedures.
  • Experience with Windows, Linux and macOS environments.
  • Professional experience with AWS.
  • Experience …