SOC Analyst Level 3 (1st Shift Or 2nd Shift)
The SOC Analyst will perform responsibilities as the technical lead and incident responder for Company's Security Operations Center. This means leading technical investigations for security incidents, overseeing process improvements, driving implementation of new capabilities, serving as a technical escalation resource for other SOC Analysts, and providing mentoring for skill development.
Perform investigation and escalation for complex or high severity security threats or incidents.
Work with SIEM Engineering and other security partners developing and refining correlation rules.
Assist in defining and driving strategic initiatives.
Create and develop SOC processes and procedures working with Level 2 Analysts.
Define and assist in creation of operational and executive reports.
Define tool requirements to improve SOC capabilities.
Provide leadership and technical guidance in project planning, task definition, estimating, reporting, scheduling, documentation, and workflow.
10+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 years of experience in Information Security.
College degree in a related field or equivalent work experience.
Experience in Security Operations and Incident Response.
Detailed practical knowledge of Internet protocols, firewalls, load balancers, routers, switches, and intrusion detection/prevention systems.
Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats.
Advanced knowledge and expertise of using SIEM technologies for event investigation.
Advanced event analysis leveraging SIEM tools, incident investigation and response, log parsing and analysis.
Advanced knowledge of networking fundamentals (i.e. network layers, Ethernet, ARP, TCP/IP, etc.), the threat landscape (threat actors, cyber-crime, APT), and malware operations and indicators.
Advanced knowledge of penetration techniques, DDoS mitigation techniques, IDS/IPS systems, and Unix, Linux or Windows.
Experience with Data Loss Prevention, scripting, forensic techniques, Wireshark, GigaStor, NetWitness, PCI, HIPAA, and SOX.
Security certifications preferred (i.e. GCIH, GIAC, CEPT, CISSP, etc.).
Employment Type: Permanent
Work Hours: Full Time
Pay: $110,000 to $120,000 USD
Pay Period: Annual