SOC Analyst

What You Can Expect

• Provide primary triage, analysis and operational support for security events and alerts.
• Perform correlation using security analytics tools, log aggregators, advanced network malware protection, data indicator mining tools, forensics tools and threat intelligence repositories.
• Perform real-time incident handling (e.g., intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response
• Participate in analyzing nature of the attack and root cause analysis of an incident.
• Monitor external data sources proactively to determine which security issues may have an impact on the enterprise.
• Document and publish techniques, guidance, and reports on incident findings to appropriate constituencies
• Participate in the improvement tasks such as but not limited to false positive reduction, use case refinement.
• Effectively communicate both verbal and written updates on alerts and incident

What We're Looking For

• 4+ years' experience as a SOC Analyst preferably for a 5000 person enterprise.
• Experience in working with a geographically diverse team in multiple time zones around the globe
• Strong communication skills and an ability to adapt a message to audiences ranging from technology SMEs to company executives to stakeholders in every business discipline.
• Deep understanding of MITRE ATT&CK, with demonstrated experience building detection cases and playbooks around the tactics and techniques most relevant to your business.
• Proficient technical writing skills (documenting processes and procedures).
• Ability to solve problems and work through ambiguity and uncertainty.
• Proficiency with one or more DLP platform
• Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners.
• Expert level and continually expanding understanding of common and emerging security threats and vulnerabilities
• Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry.
• Industry security certifications such as C|EH and relevant GIAC certifications or equivalent highly desirable.
• Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.

What You Can Expect

• Provide primary triage, analysis and operational support for security events and alerts.
• Perform correlation using security analytics tools, log aggregators, advanced network malware protection, data indicator mining tools, forensics tools and threat intelligence repositories.
• Perform real-time incident handling (e.g., intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response
• Participate in analyzing nature of the attack and root cause analysis of an incident.
• Monitor external data sources proactively to determine which security issues may have an impact on the enterprise.
• Document and publish techniques, guidance, and reports on incident findings to appropriate constituencies
• Participate in the improvement tasks such as but not limited to false positive reduction, use case refinement.
• Effectively communicate both verbal and written updates on alerts and incident

What We're Looking For

• 4+ years' experience as a SOC Analyst preferably for a 5000 person enterprise.
• Experience in working with a geographically diverse team in multiple time zones around the globe
• Strong communication skills and an ability to adapt a message to audiences ranging from technology SMEs to company executives to stakeholders in every business discipline.
• Deep understanding of MITRE ATT&CK, with demonstrated experience building detection cases and playbooks around the tactics and techniques most relevant to your business.
• Proficient technical writing skills (documenting processes and procedures).
• Ability to solve problems and work through ambiguity and uncertainty.
• Proficiency with one or more DLP platform
• Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners.
• Expert level and continually expanding understanding of common and emerging security threats and vulnerabilities
• Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry.
• Industry security certifications such as C|EH and relevant GIAC certifications or equivalent highly desirable.
• Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.