SOC Cyber Detection & Response (CDR) Analyst

Remote Full-time
About the position

The SOC Cyber Detection & Response (CDR) Analyst will be a key member of the Security Operations Center's Cyber Detection and Response Team at the Executive Office of Technology Services and Security (EOTSS). This role focuses on incident triage, detection, response, and remediation of IT threats, working collaboratively with Security Engineers and Managed Security Service Providers to ensure the security of the Commonwealth of Massachusetts' information technology systems.

Responsibilities

• Manage day-to-day security monitoring and incident response activities, including SIEM monitoring and Endpoint Detection and Response.
• Assist in detection and incident response functions, including Security Incident Reporting tickets and customer notifications.
• Conduct and participate in cybersecurity incident simulation exercises at various levels.
• Monitor and respond to anomalous Internet, Extranet, and Intranet activity based on credible threat intelligence.
• Collaborate with EOTSS customer organizations and EDR vendors for software testing and status reporting.
• Develop and deliver cybersecurity education and awareness initiatives for state government.
• Review third-party alerts to maintain situational awareness of security issues affecting Commonwealth agencies.
• Conduct research into new threats that may impact Commonwealth agencies and local entities.
• Promote security awareness through phishing campaigns and overall security awareness programs.
• Prepare security reports for management utilizing enterprise security tools.

Requirements

• At least one year of full-time or equivalent part-time experience in information technology security.
• An Associate's degree in a related field may substitute for the required experience.

Nice-to-haves

• Knowledge of SIEM (Security Information and Event Management) Splunk.
• Familiarity with cloud computing (AWS/Azure/GCP).
• Knowledge of TCP/IP, VLANs, computer networking, routing, and switching.
• Familiarity with IDS/IPS, penetration and vulnerability testing.
• Understanding of network protocols and packet analysis tools.
• Familiarity with Windows and Linux operating systems.
• Understanding of Proofpoint and other email security tools.
• Security certifications desired but not required.
• Experience with EDR Tools, particularly Palo Alto Cortex.

Benefits

• Comprehensive employee benefits package including health insurance, retirement plans, and paid time off.