SOC Analyst

Job Description:
Role Responsibilities:

• Perform security monitoring and analysis leveraging SIEM and security tools
• Conduct technical analysis and correlation of operating system, database, application, cloud and network logs to triage potential security events and incident investigations
• Analyze tactics, techniques, and procedures (TTPs) for various intrusion sets
• Develop custom SIEM content and tune security tools to prevent, detect and respond to malicious activity
• Utilize EDR and network security tools to conduct host and network-based detection analysis
• Conduct vulnerability scans and participate in tabletop exercises
• Improve the incident response process through tabletop exercises, playbook development, and standard operating procedures
• Day to day, primarily first responder to incidents

Requirements and Experience:

• Must have experience using various Threat Intelligence tools
• Experience managing ticket escalations, and incident response coordination across engineering, security, and management teams
• Experience in IDS/IPS, SIEM, EDR, DLP, Firewalls, DNS security, cloud security, Windows and Linux systems, etc.
• Familiarity with the Cybersecurity Framework (CSF) and a threat intelligence framework such as MITRE Telecommunication&CK
• Deep knowledge of threat and vulnerability analysis
• Extremely detail-oriented and ability to quickly investigate ongoing and emerging threats
• Experience in developing, acquiring, maintaining and implementing threat intelligence
• Strong computer knowledge (hardware & operating systems.
• Strong network knowledge
• Excellent communication skills (Phone/Email)
• Strong forensics background (soft requirement)
• Assist with weekly presentation slides and project updates
• Ability to write clear emails to non-technical staff and send incident updates to upper management when required.
• Ability to communicate with confidence and ensure the highest level of professionalism.
• Ability to interact and assist users over the phone