
Cyber Defense Analyst

Job Details

Skyline Technology Solutions HQ - Glen Burnie, MD
Full Time
4 Year Degree (Bachelor's) or equivalent
Information Technology


About Skyline

Our mission is to build a more resilient and connected society. By providing flawless, next-generation IT services, our team plays an integral role in ensuring that millions of drivers on miles of roads get where they need to go, literally! We help our clients keep their state moving and their cities and neighborhoods safe.

We create business-aware networks today that are flexible and scalable for tomorrow. Our approach lies in understanding your mission and designing a network that will evolve as you face new challenges in a multi-tenant environment. We design the building blocks for future growth with specific expertise in enterprise networks, data centers, and service providers.


About Our Team

Skyline Technology Solutions is a full-service IT integrator, enterprise solution provider, and product developer to transportation, education, and public safety customers in federal, state, local, and commercial spaces. Skyline specializes in managed IT solutions, public safety data, video interoperability, and physical security and access control services.

We create business-aware networks today that are flexible and scalable for tomorrow. Our approach lies in understanding our client's mission and designing a network that will evolve as they face new challenges in a multi-tenant environment. With specific expertise in enterprise networks, data centers, and service providers, we design the building blocks for future growth.


Our New Teammate

Skyline is looking for an energetic, self-motivated, intellectually curious Cyber Defense Analyst with hands-on experience monitoring, detecting, and analyzing threats and anomalous activity to identify and defend against validated intrusion events.

Our new teammate will join an energetic team that diligently monitors the network and system security events, vigorously hunts for threats, develops alerts for suspicious and malicious activity, and protects the company by escalating these threats for redress. This individual will eagerly contribute to our mission, advance the team’s expertise with their knowledge of various security tools and technologies, and support their fellow teammates in a dynamic, growing, and changing environment.


You can expect to spend your time accomplishing the following:

  • 30% of time on Objective 1: Incident Detection and Response
  • 30% of time on Objective 2: Security Monitoring and Analysis
  • 15% of time on Objective 3: Vulnerability Management
  • 15% of time on Objective 4: Incident Analysis and Reporting
  • 10% of time on Objective 5: Continuous Improvement and Knowledge Sharing


Job Responsibilities: What to Expect

  • Monitor and review security events and alerts to identify potential security incidents and provide mentorship to junior analysts, as necessary.
  • Investigate and analyze security incidents, determining the nature, scope, and impact.
  • Perform in-depth analysis of network traffic, system logs, and security events to identify indicators of compromise.
  • Initiate and coordinate incident response activities to contain and mitigate security incidents.
  • Document incident details, actions taken, and lessons learned for future reference.
  • Monitor, edit, review, and improve security information and event management (SIEM) tools and other security technologies to detect and respond to security events.
  • Analyze and correlate security logs, network traffic, system behavior, and other available data sources to identify anomalous or malicious activities.
  • Conduct threat hunting and proactive analysis to identify potential threats and vulnerabilities.
  • Stay updated on the latest security threats, vulnerabilities, and attack techniques to enhance and improve detection capabilities.
  • Identify and assess vulnerabilities in systems, networks, and applications using vulnerability scanning tools.
  • Prioritize vulnerabilities based on risk and impact to the organization.
  • Collaborate with system administrators and stakeholders to ensure timely patching and remediation of identified vulnerabilities.
  • Assist in developing and implementing vulnerability management strategies and processes.
  • Conduct detailed analysis of security incidents to determine the root cause, extent of impact, and potential remediation steps.
  • Generate comprehensive incident reports, including technical details, recommended actions, and preventive measures.
  • Proactively and professionally communicate incident findings to stakeholders, such as management, IT teams, or external entities, as necessary.
  • Stay abreast of emerging threats, vulnerabilities, and industry trends.
  • Contribute to the development and enhancement of SOC processes, procedures, and tools.
  • Participate in post-incident reviews and provide recommendations for improving incident response capabilities.
  • Share knowledge and expertise with junior team members, providing guidance and mentorship.



Your Knowledge & Expertise

  • Bachelor’s degree in Cybersecurity, Information Systems, or a related field preferred; equivalent work experience accepted.
  • 4+ years of previous experience; prior experience working in a SOC preferred.
  • CySA+ certification required.
  • CompTIA Security+ or equivalent certification required.
  • Knowledge of incident response processes and methodologies.
  • Familiarity with antivirus, anti-malware, endpoint protection, SIEM, and other relevant tooling.
  • Strong understanding of network protocols, TCP/IP, and network architecture.
  • Knowledge of firewalls, intrusion detection systems (IDS), and network security appliances.
  • Knowledge of cybersecurity principles, frameworks, and methodologies.
  • Experience with and/or understanding of cyber threats and vulnerabilities.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of vulnerability information dissemination sources (advisories, bulletins, etc.).
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity.