JOB DESCRIPTION:
As a member of the client's Security Operations Center, the SOC Analyst I provides event analysis and triage, remote support, appliance management and health monitoring to customers.
The SOC Analyst will be a part of a Managed Security Services offering which integrates and delivers products as-a-service to our customers. The Security Analyst will work closely with the Lead Analyst(s), Engineering staff, and clients to complete high profile, critical services to existing Managed Security Service clients, and to on-board new clients as necessary.
- Serve as a primary responder for SOC customer incidents, taking ownership of client support issues and tracking through resolution.
- Provide Tier 1 triage and support for SOC Customers, following established processes and interacting appropriately with customers, other analysts, and partners when required.
- Monitor and analyze logs and alerts.
- Investigate intrusion attempts and perform in-depth analysis of exploits.
- Provide other administrative services for customers.
QUALIFICATIONS (required):
- Excellent (fluent/native) written and spoken English.
- Some experience in the Information Security field, typically gained in 2+ years of work or equivalent.
- College degree or equivalent work experience
- Knowledge in one or more Information Security areas to include:
- SIEM Configuration and Management
- Log Collection
- Network Traffic Analysis
- User Behavior Monitoring
- Malware Mitigation
- Incident Response
- Understanding of network architecture and implementation is a must; ideal candidate will have worked with network security analysis.
- Crowdstrike experience
- Experience providing analysis of security log data from heterogeneous data sources.
- Excellent time management, reporting, and communication skills.
- Superior IT problem-solving skills.
- Eligibility to obtain Security Clearance
- Schedule flexibility, including the ability to provide on call support when needed.
QUALIFICATIONS (desired):
- Demonstrated success working in a Security Operations Center, Managed Security, or client network environment.
- Experience working with Internal and client Ticketing Systems for Incident and Problem Tracking (i.e. ServiceNow, Remedy, Connectwise, Zendesk etc.).
- General security knowledge (CySA+, Security +, CEH, Cisco Security, or other security certifications).
- An understanding of a wide array of server grade applications to include: Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others
- Knowledge of any programming language for the purposes of automating tasks
