SOC Analyst Level 2

POSITION SUMMARY

Join a highly skilled and motivated team of Cyber Security Professionals tasked with protecting customer infrastructure. The Cyber Security Analyst role is primarily focused on responding to alerts, detection of IOCs (Indicators of Compromise), incident response, alert/SIEM tuning, threat hunting, and triage. Leverage Microsoft Sentinel as well as, cyber case management and supplementary tools to investigate, contain, and remediate cyber security incidents. The Cyber Security Analyst must have a drive to learn and grow as the industry changes and the SOC adapts rapidly.

ESSENTIAL FUNCTIONS

• Respond to and validate alerts
• Lead or support Incident Response investigations for customers
• Coordinate efforts with 3rd party SOC teams for joint operations
• Perform analysis of logs and alerts to differentiate security incidents from security events
• Discover and correlate relationships between unrelated event information as part of an investigation
• Obtain corroborating evidence through packet analysis of network traffic
• Coordinate with appropriate teams to provide incident handling and response support
• Continuously improve incident response procedures & runbooks
• Handle security incident escalation via Cyber Case Management tools, SIEM, ITSM, email, phone, or walk-up
• Manage security incidents to completion and work with internal teams for remediation or escalation assistance
• Gathering forensic evidence
• Analyzing events based on digital artifacts
• Determining mitigation/remediation/security improvement opportunities
• Working with stakeholders to communicate findings

POSITION QUALIFICATIONS/CORE COMPETENCIES

• Experience in incident response, investigation, system forensics, or related cyber security education
• Formal education or certifications in incident response, forensics, cyber security case management, IT technology, networking, or related topics
• Experience reviewing and analyzing log data from various network and security devices
• Experience with well-known information security related tools for packet capture, network/OS fingerprinting, and communication
• Familiarity with Windows and Linux operating systems including command line operation
• Possess a strong foundation in networking fundamentals with deeper knowledge of TCP/IP and other core protocols
• Knowledge of common network-based services and common client/server applications
• Excellent verbal/written communication, interpersonal and organizational skills
• Communicate effectively with varied levels of staff to develop positive working relationships
• Ability to continuously improve skillset to combat changing threat landscape
• Excellent problem-solving skills to diagnose technical issues
• Manage customer situations professionally to aid in positive customer satisfaction
• Ability to learn innovative technology and concepts quickly
• Ability to work on a shift or on-call rotation if needed
• Experience working on a security operations team
• Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge
• Experience with enterprise SIEM products
• Experience with ITSM, SOAR, or Cyber Case Management Tools
• Experience working Microsoft Security:
• Microsoft Defender
• Microsoft E3/E5 Security
• Microsoft Sentinel
• Microsoft Endpoint Security
• Experience acquiring and analyzing data from clients and servers related to security incident response
• Digital Forensic or Threat Intelligence work

• Familiarity with common security standards such as PCI, HIPAA, Sarbanes Oxley, ISO 27001, NIST, or CIS
• Strong understanding and knowledge of risk assessment, security assessment, and vulnerability management using Azure solutions
• Strong knowledge of Microsoft365/Azure cloud architecture and its security concerns
• Comfortable presenting to CIO/CISO/CTO solution demonstrations and virtual whiteboard sessions
• Ability to work cooperatively with sales, services and the Project Management team
• Demonstrated passion for Microsoft technology, solution design and self-study
• Previous experience working in collaborative team environments
• Excellent verbal and written communication, organization skills and detail oriented (English Language)
• Experience working for a systems integrator is preferred
• Ability to work 8 to 5 in a US Time Zone
• Demonstrated passion for self-study, and self-learning to keep up with the changing security landscape and customer needs

Posted On: Wednesday, February 21, 2024
Compensation: $24,000.00