Job Overview
We are in search of experienced Security Operations Center (SOC) Analysts to join our elite team. This role is pivotal in safeguarding our global clientele from ongoing cyber threats, providing you with a unique opportunity to work in a fast-paced environment where your expertise will be instrumental in identifying, managing, and mitigating security incidents.
Key Responsibilities
- Lead the response to active security incidents and escalations from Level 1 and Level 2 analysts, employing your expertise to investigate client systems and logs to uncover attacker activity.
- Uphold rigorous standards of documentation and clear communication, ensuring clients are well-informed of the situation and the necessary countermeasures.
- Continuously monitor and assess security events from diverse sources, including SIEM logs, endpoint logs, and EDR telemetry.
- Conduct in-depth research of indicators and activities to evaluate reputations and identify potential threats.
- Execute detailed analyses of malware, attacker infrastructure, and forensic evidence.
- Manage sophisticated investigations and oversee incident declarations.
- Perform live response analysis on compromised endpoints.
- Engage in proactive threat hunting based on identified anomalies and curated intelligence.
- Collaborate with incident response teams to effectively identify, analyze, and escalate events.
- Assist in the refinement and advancement of security policies, procedures, and automation.
- Mentor junior analysts and act as a technical escalation point for your team members.
- Regularly communicate with clients to update them on incidents and aid in their remediation efforts.
Required Skills
- Expertise in SIEM solutions, Cloud App Security platforms, and EDR tools.
- Advanced knowledge of network protocols and telemetry analysis.
- Proficient in forensic analysis for both Windows and Unix operating systems.
- Skilled in evaluating Endpoint, Web, and Authentication logs.
- Experienced in creating detection mechanisms within SIEM/EDR environments.
- Familiarity with responding to contemporary authentication attacks.
Qualifications
- At least 5 years of hands-on experience in a SOC, TOC, or NOC setting.
- Relevant certifications such as GCIA and GCIH are essential; additional qualifications like GCFA, GCFE, CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, or MCSE are advantageous.
- Knowledge of technologies such as Sentinel, Splunk, Microsoft Defender suites, and CrowdStrike Falcon is preferred.
- Understanding of IT infrastructure tools including GPO and Landesk.
- Exposure to programming languages such as JavaScript, Python, Lua, Ruby, Go, or Rust is beneficial.
Career Growth Opportunities
This position offers pathways for professional advancement, including opportunities to mentor junior staff and influence strategic technology initiatives within the organization. Your experience will not only contribute to immediate threat responses but will also shape the long-term security posture of our clients.
Company Culture And Values
Our company values collaboration and innovation, fostering a supportive environment where team members are encouraged to share insights and strategies. We are dedicated to professionalism and maintaining a respectful atmosphere amidst the challenges of a security operations role.
Networking And Professional Opportunities
As part of our team, you will engage with industry experts and have access to professional development resources, allowing you to enhance your skills and expand your professional network within the cybersecurity community.
Employment Type: Full-Time