SOC Analyst-Perm. WFH (Only from Mfg)

Role & responsibilities

Security Monitoring & Triage:

- Monitor alerts from SIEM, EDR (CrowdStrike), CASB (Netskope), and OT security tools (e.g., Ordr).

- Perform initial triage and escalate incidents based on severity and impact.

• Incident Investigation & Response:

- Conduct in-depth analysis of security events across IT and OT networks.

- Lead containment, eradication, and recovery efforts for confirmed threats.

- Document incidents, root cause analysis, and lessons learned.

• Threat Hunting & Detection Engineering:

- Proactively hunt for threats using MITRE ATT&CK and threat intelligence.

- Develop and fine-tune detection rules and response playbooks.

• Vulnerability Management:

- Analyze vulnerability scan results and coordinate remediation with IT/OT teams.

- Track patching and mitigation efforts across environments.

• Automation & Scripting:

- Create scripts and automation workflows (Python, PowerShell, Bash) to improve SOC efficiency.

-Support SOAR platform integration and playbook development.

• Collaboration & Communication:
• Work closely with IT, OT, and engineering teams to secure industrial systems.
• Provide mentorship to junior analysts and contribute to knowledge sharing.
• Escalate critical issues clearly and effectively to leadership.

Required Skills & Knowledge:

• Strong understanding of:

- Operating systems: Windows, Linux, macOS, and embedded OT systems.

- Networking: TCP/IP, VLANs, VPNs, firewalls, and industrial protocols (Modbus, OPC, DNP3).

- Security tools: CrowdStrike, Netskope, Ordr, FortiGate.

• Proficiency in scripting and automation (Python, PowerShell, Bash).
• Familiarity with vulnerability management tools.
• Knowledge of cybersecurity frameworks (MITRE ATT&CK, NIST CSF, ISO 27001).
• Strong analytical, problem-solving, and communication skills.

Preferred Qualifications:

Preferred candidate profile