SOC Analyst

Job duties:

Tier 1 Overflow Responsibilities:

• Develop new signatures and correlated searches based on a variety of requirements
• Document work within a security operations ticketing system
• Analyze data and events within the SIEM or SOAR for prioritization and priority elevation
• Identify data sources and analytics for inclusion into SIEM or SOAR
• Remote Client System Monitoring and Analysis
• Tracking, and reporting of security patch/upgrade implementation
• Scheduling, execution and tracking of vulnerability remediation activities
• Information gathering, port and vulnerability scanning and analysis according to policy

Tier 2 Responsibilities (Incident Response Leader):

• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
• Work with client in remediation efforts
• Notify SOC manager of all elevated incidents and keep appraised of progress
• Collaborate with Tier 3 Analysts on Threat Hunting requirements
• Manage and administer the SOC tools (SIEM, SOAR, IDS, etc.)
• Develop reports and other capabilities to support the needs of our clients
• Development of security policies, processes, and procedure
• Development and delivery of presentations
• Workload estimation for new clients
• Conducting security audits
• Mentor Tier 1 Analysts to grow and assist in Tier 2 requirements

Requirements:

• 1 years of experience investigating security events and incidents or performing computer forensic analysis
• 3 years SIEM experience; 1 years SOAR experience
• 4 years of experience with Incident Response
• Experience in Critical Infrastructure OT systems and protocols to include SCADA, PLCs, etc.
• Familiarity and experience with Risk Management Frameworks
• Scripting skills in any common language (Python, Perl, Bash, or Powershell)
• Skilled at using multiple operating systems