W2 ONLY
The Business Technologies Division at Denver International Airport (DEN) is seeking an experienced Security Operations Center (SOC) Information Security Analyst to support its Information Security team. The selected consultant will be responsible for monitoring, analyzing, investigating, and responding to cybersecurity incidents and security events across DEN's environment.
The ideal candidate will possess strong expertise in Security Operations Center activities, SIEM monitoring, incident response, threat hunting, threat intelligence analysis, and security tool management. The role requires the ability to communicate technical findings effectively to both technical and non-technical stakeholders.
Key Responsibilities
Security Monitoring & Incident Response
- Monitor and analyze security alerts generated through SIEM platforms.
- Investigate cybersecurity incidents reported through DEN's ticketing systems.
- Conduct security event triage to determine:
  - Scope
  - Severity
  - Urgency
  - Business impact
- Execute containment, mitigation, and remediation activities according to established procedures.
- Escalate incidents when necessary and provide recommendations for resolution.
Threat Hunting & Threat Intelligence
- Perform proactive threat hunting across DEN's network and systems.
- Review and analyze cybersecurity advisories from sources such as:
  - US-CERT
  - A-ISAC
  - Security vendors
  - Industry threat intelligence feeds
- Identify indicators of compromise (IOCs), attack patterns, and emerging threats.
- Recommend preventive and detective security measures based on intelligence findings.
Process Development & Documentation
- Develop and document incident response procedures when existing playbooks are unavailable.
- Leverage industry best practices and open-source frameworks to improve response capabilities.
- Maintain accurate documentation of incidents, investigations, and remediation actions.
- Contribute to continuous improvement of SOC operations and security processes.
Additional Duties
- Support other cybersecurity initiatives and tasks assigned by management.
- Collaborate with security, infrastructure, and business teams to strengthen DEN's security posture.
Required Qualifications
Experience
- 2+ years of experience working as a Security Operations Center (SOC) Analyst.
- Hands-on experience with:
  - Security monitoring
  - Incident response
  - Threat hunting
  - Threat intelligence analysis
  - Security event investigation
Technical Skills
Strong understanding of:
- TCP/IP Networking
- Routing & Switching
- DNS
- NTP
- TLS/SSL
- Ping
- Traceroute
- Network troubleshooting fundamentals
Preferred Skills
Experience with one or more of the following technologies:
- Microsoft Azure
- Microsoft Entra ID
- Microsoft Sentinel
- Microsoft Defender
- CrowdStrike
- Similar Endpoint Detection & Response (EDR) platforms
Desired Competencies
- Strong analytical and problem-solving skills.
- Ability to work independently in a remote environment.
- Excellent written and verbal communication skills.
- Ability to explain technical security concepts to non-technical audiences.
- Strong documentation and reporting capabilities.
- Attention to detail and incident ownership mindset.
- Commitment to cybersecurity best practices and continuous learning.