Cybersecurity Consultants

You will be responsible for providing the top talent level for analysis and determination of malicious activity. This role will provide training and support to Jr and Sr level analysts and act as the last line of review before escalation to response team. This role will also require the creation and maintaining of SOPs and other department documents as well as the review of other analysts’ work as well as other duties.

Additional responsibilities of the Senior Security Operations Center (SOC) Analyst include:

• Performing inbound security event analysis in an industry leading SIEM in a shift environment and supporting Level 1 and 2 analysts engaged in the same task.
• Review ongoing or completed investigations performed by Level 1 & 2 SOC Analysts for potential escalation and / or provide analysis feedback to Analyst and SOC Managers
• Reviewing alerts in an industry-leading SOAR platform and creating cases in the case management environment
• Performing review and validation of daily compliance reports to track business as usual and out of policy activities.
• Working alongside senior security engineers and architects to deliver superior security services to CVS Health business units.

Essential Qualifications and Functions:

Knowledge of:

• Strong understanding of networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, HTTPS, VPN, etc.)
• Strong understanding of operating system architecture (Windows, UNIX, Linux, MacOS)
• Strong understanding of cyber security / Information Security concepts (Phishing, Malware, Vulnerabilities, DDoS)
• Strong understanding of Microsoft Technologies such as Active Directory, DNS, DHCP
• Strong understanding of various identity and access management / authentication concepts and technologies
• Ability to collect data from disparate systems in order to correlate and perform data analysis

Skill In:

• Precise & concise written communication
• Organizational multitasking & commitment to follow-up
• Public Speaking

Ability To:

• Perform & document accurate investigative analysis for cyber security Threat Response in a fast-paced environment with rapidly shifting priorities
• Take the lead on investigative analysis and incident research
• Maintain regular and predictable attendance in a shift-based environment
• Perform any additional SOC tasks as directed by Sr Manager or Director

Preferred Qualifications:

Knowledge of:

• Working experience and knowledge of two or more of the following security related technologies: Intrusion Prevention systems, Web Proxies, SIEM, SOAR, EDR, Firewalls, Web Application Scanner, Vulnerability Scanners, Malware Research Tools or Forensics Tools

Ability To:

• Provide input on policy direction & best practices
• Provide constructive feedback for fellow colleagues
• Provide evidence of or obtain one or more certifications, including but not limited to Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, AWS, Blue Team Level 1 or 2, Microsoft Azure Security Engineer or equivalent

Role & responsibilities