L1 SOC Analyst - Splunk

Job Description

Provide guidance to senior members on tuning opportunities. Analyze and fully remediate phishing incidents. Analyze and triage EDR security incidents Engage in communication for employee reported security events Participate in incident response activities as necessary. Required experience : Extensive knowledge of internet security issues and the threat landscape. Previous experience with the following tools is helpful: Splunk, SentinelOne, Microsoft Security products. Problem-solver with excellent communication skills, a deep technical understanding of security best practices. Strong grasp of operating systems (Windows, Linux, MacOS) and networking protocols and concepts. Extensive knowledge of internet security issues and the threat landscape. Ability to understand and apply the incident response life cycle to events. Previous experience with the following tools: Splunk, EDR Solutions, Microsoft Security products. Problem-solver with excellent communication skills, a deep technical understanding of security best practices. Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. Analyze log files from a variety of sources (for example, Individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security. Utilize SIEM tools, such as Splunk and EDR tools, to enhance monitoring capabilities and expanding on the security posture of the current environment. 2+ years experience in a SOC or Fusion Center environment Good to have skills : Incident Response specific or other relevant certifications [ex. GCIH, ECIH, SEC + etc.] Experience with incident response in cloud platforms [AWS, GCP, etc].