Cyber Security Analyst SOC

This position will work within Cyber Floridas Security Operations Center (SOC) Apprenticeship Program and the Florida Cyber Hub. The SOC Analyst (Full Time) will work with security tools such as a SIEM DLP IDP threat reports and other security tools to identify incidents and threats. The SOC Analyst will also complete incident reports produce threat advisories and reports and handle issues according to established procedures and guidelines. The SOC Analyst will perform troubleshooting of technical issues provide technical support to business partners and end users and create technical documentation. The SOC Analyst will also assist in training new hires (junior staff and students) in their SOC Analyst roles and provide cyber security engineering support to SOC operations.

This position is is time-limited and will be reviewed each year for extension based on funding.

• Create and assist in documenting processes procedures and other activities related to the SOC.
• Work and develop security applications for operational security (SIEM queries Defender queries runbooks etc.)
• Analyze and respond to security alerts. Provide timely updates and resolutions to end-users.
• Prepare detailed threat advisories with recommendations and indicators of compromise.
• Research trends and current precautions for cybersecurity vulnerabilities exploits and other potential threats.
• Assist in training junior staff and new student SOC analysts and getting them acclimated to the environment.
• Guide junior analysts on best practices and assist in distributing their workload.
• Work on security engineering projects that will help in the build-out and capability of the SOC.
• Review set up test and implement cloud hybrid and on-prem cyber security engineering solutions. (Velociraptor malware analysis lab network IDS etc.)
• Maintain and update log management and SIEM solution (Splunk Elastic etc.)
• Familiar with Amazon Web Services (AWS) such as Workspaces EC2 instances and security groups. Create and maintain golden images (AMIs) for deployment within an AWS environment.
• Familiar with Microsoft Azure such as Virtual machines Storage and security groups. Create and maintain golden images (VHDs) for deployment within an Azure environment.
• Perform software installations and upgrades to operating systems and software applications.
• Act as a point of escalation to resolve requests or issues from end users.
• Implement and enhance technology standards based on best practices ensuring high system availability and providing an easily sustainable compatible and scalable architecture for future implementations.
• Perform routine security tasks in support of the systems for the Security Operations Center.
• Review security tools and create status reports according to schedule and need.
• Analyze and investigate security data from a range of security tools and resources.
• Conduct and provide incident response and digital forensic support when required.
• Research threats and monitor feeds to produce cyber threat intelligence reports.
• Keep up to date with cybersecurity software and hardware tools and resources.
• Communicate effectively with clients while thoroughly documenting conversations exchanges or sessions into ticketing systems.
• Provide feedback to leadership for improvement.
• Performs other information technology duties as required to support the units work

Minimum Qualifications:
Bachelors degree in computer science MIS or other field involving software and analytical training one year of IT-related work experience OR a bachelors degree with no specific required field and two years of IT-related work experience.

Preferred Qualifications:
Masters degree in a related field OR a combination of four years of IT-related work experience and validated training. Preparation for relevant IT certification is related to training. Demonstrated ability to link program goals to strategic goals. Detail-oriented with strong communication skills and the ability to effectively manage time and tasks is imperative. Must be able to work collaboratively with all team members and the university.

FLSB1310 Equivalency:
4 years of directly relevant experience may be substituted for bachelors degree.
6 years of directly relevant experience may be substituted for masters degree.

This position may be subject to a Level 1 or Level 2 criminal background check.
Applicants for USF employment are entitled to request reasonable accommodation(s) in the application process. A request is to be made at least five (5) working days prior to the time the accommodation(s) is needed. Contact the USF ADA Lead () to coordinate your accommodation request.