Oracle is seeking a Security Operations Center (SOC) analyst with experience protecting critical infrastructure to help us defend Oracle cloud infrastructure. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across LaaS, PaaS and SaaS environments. Analyst will be part of a corporate security operations center responsible for defending infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. We are expanding the team and working on ambitious new initiatives. The Senior SOC Analyst will leverage advance security tooling and automation to rapidly detect and respond to real-time security alerts and events and conduct detailed root cause investigations. The analyst will work closely with other SOC personnel, forensics, incident response, and engineering partners to mitigate a wide variety of threats and malicious activity. As a member of this fast paced team, Analyst will execute controls to protect the infrastructure and employees against internal and external malicious attacks and infiltration.
Career Level IC3
Description
- Support shifts and on call rotations
- Detect and respond to security events and threats from alerting, escalations, and other sources
- Lead complex investigations and conduct deep analysis of security events focused on rapid containment, remediation, and mitigation
- Work closely with security engineering teams to improve monitoring, detection, and tooling
- Understand the threat landscape, emerging trends, and incorporate this understanding into day-to-day security monitoring
- Operate SOC technologies, including but not limited to a Security Information Event Management (SIEM) platform, Intrusion Detection Systems (IDS),SOAR, Firewalls, Anti-Malware solutions EDR, Web Application Firewalls (WAF), and Data Loss Prevention (DLP) and insider threat tooling.
- Assist with security incident response activities
- Development and execution of Standard Operating Procedures, Event Handlers and Job Aids required for successful task completion
- Work directly with system owners to identify, isolate and re-mediate malware and other security incidents
- Prepare assigned reports for the SOC manager
- Provide high quality written and verbal reports as required
- Actively monitor and respond the SIEM alert queue and triage alerts
- Investigate alerts using standard operating procedures
- Monitor several screens, systems, and alerts simultaneously enhance existing incident response methods, tools and processes which provide the organization value by reducing risk
- Contribute towards improving incident response delivery by leveraging lessons learned
Preferred Qualifications
Bachelor s degree or equivalent combination of education and experience in computer science, computer engineering, Electronics, mathematics or related field
- 5+ years of Security Operations Center, Incident Response, and/or Forensic Analyst experience
- Comfortable working in an ambiguous, fast-paced, unpredictable environment
- Experience working in a highly collaborative, team centric, event driven operations team
- Experience with querying across large data sets to understand complicated and difficult to solve problems
Strong attention to detail - Experience with variety of operating systems and threats that target them including Windows, UNIX/LINUX, and MacOS
- Programming experience with Python and scripting will be an added advantage.
- Experience performing open source research on a variety of security topics
- Excellent verbal/non-verbal communication skills with proficient ability to deliver technical information to non-technical staff
