SOC Analyst, 2nd Shift
This is a 2nd Shift position. Hours are 3.00 pm- 11.30 pm, Monday to Friday
Fortune 500 Financial Services Organization is seeking a Level 1 and Level 2 Security SOC Analysts for 2nd shift positions. The Security Operations Center (SOC) Analyst is responsible for monitoring multiple security technologies using the Security Information and Event Management (SIEM) tool to detect IT security incidents. The analyst will follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents-Monitor multiple security technologies, such as IDS/IPS, syslog, file integrity, vulnerability scanners. -Correlate and analyze events using the Security Information and Event Management (SIEM) tool to detect IT security incidents. -Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents. -Provide 24x7 operational support for escalations on a rotating basis.
Responsibilities:
-Monitor multiple security technologies, such as EDR, IDS/IPS, syslog, file integrity, vulnerability scanners.
-Correlate and analyze events using the Security Information and Event Management (SIEM) tool to detect IT security incidents.
-Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
-Provide 24x7 operational support for escalations on a rotating basis.
Qualifications:
The ideal candidate will have 4
years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and log analysis, intrusion detection, or Firewall administration. They should also have 2-5 year's experience of one of the following: engineering -System administration on Unix, Linux, or Windows.
In addition, the ideal candidate must have the following knowledge/
Experience:
Moderate to Advanced event analysis leveraging SIEM tools (Splunk preferred)
Moderate incident investigation and response skill set
Moderate log parsing and analysis skill set
Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
Moderate knowledge of malware operation and indicators
Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
Moderate knowledge or IDS/IPS systems
Moderate knowledge of Windows and Unix or Linux
Moderate knowledge of Firewall and Proxy technology
Moderate knowledge of penetration techniques
Moderate knowledge of DDoS mitigation techniques
Basic knowledge of Data Loss Prevention monitoring
Basic experience with Scripting
Basic knowledge of forensic techniques and live event analysis
Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
Basic knowledge of audit requirements (PCI, HIPPA, SOX, etc.)
Experienced in mentoring and training Junior Analysts
Security Certifications Preferred (Including but not limited to the following certifications):
Certified Incident Handler (GCIH)
Certified Intrusion Analyst (GIAC)
Certified Ethical hacker (CEH)
Certified Expert penetration tester (CEPT)
Certified Information Systems Security Professional (CISSP)
Networking Certifications (CCNA, etc)
Platform Certifications (Microsoft, Linux, Solaris, etc)
|
|
 | |
