Introduction:
Do you thrive on being the first line of defense against cyber threats? Are you passionate about monitoring, detecting, and responding to security incidents in real-time? If you're a detail-oriented professional who loves investigating and stopping cyberattacks, then our client has the perfect opportunity for you. We're looking for a Security Operations Center (SOC) Analyst (aka The Cyber Sentinel) to join our security team and help protect our digital assets from evolving threats.
Imagine being the eyes and ears of the organization's cybersecurity posture, where your expertise in threat detection and incident response helps protect critical infrastructure. As a SOC Analyst at our client, you'll monitor security events, analyze potential threats, and respond quickly to incidents. This role is not just about reacting to security alerts—it's about proactively safeguarding systems and ensuring the organization's security is rock solid.
Key Responsibilities:
Real-Time Threat Monitoring: - Continuously monitor security events and alerts through a SIEM platform to detect and investigate suspicious activities. You'll be responsible for identifying potential security breaches and ensuring that threats are neutralized before they escalate.
Incident Response and Investigation: - Act as the first responder to security incidents, conducting triage, analysis, and containment of threats. You'll investigate alerts, determine the severity of incidents, and work with the team to mitigate risks and minimize impact.
Log Analysis and Correlation: - Analyze logs and network traffic from various sources (firewalls, IDS/IPS, antivirus, and endpoint protection tools) to identify signs of compromise. You'll use correlation rules to connect the dots and find hidden threats within the noise.
Threat Intelligence Integration: - Leverage threat intelligence feeds and external sources to stay ahead of emerging threats. You'll integrate threat intelligence into the SOC to improve detection capabilities and ensure that security controls are updated with the latest threat data.
Incident Reporting and Documentation: - Document and report on security incidents, providing detailed analysis and recommendations for remediation. You'll keep accurate records of all security events and incidents to help improve future responses.
SIEM Management and Optimization: - Fine-tune SIEM rules and alert thresholds to reduce false positives and improve detection accuracy. You'll continuously improve monitoring processes and ensure that the SOC is running efficiently.
Collaboration and Escalation: - Collaborate with other security teams, such as vulnerability management and threat intelligence, to ensure a coordinated response to security incidents. You'll escalate incidents as needed and work with senior analysts to resolve complex issues.
Requirements
Required Skills:
- SOC Expertise: Strong knowledge of security monitoring, incident detection, and incident response. You're proficient with SIEM tools (e.g., Splunk, QRadar, AlienVault), IDS/IPS, and endpoint detection and response (EDR) systems.
- Analytical Skills: Exceptional analytical and problem-solving skills, with the ability to quickly assess security alerts, distinguish between false positives and true threats, and take appropriate actions.
- Incident Response Experience: Hands-on experience responding to security incidents, including investigating and mitigating threats such as malware infections, phishing attacks, and network intrusions.
- Threat Intelligence: Experience integrating and using threat intelligence feeds to improve detection capabilities. You're able to identify patterns, correlate events, and anticipate emerging threats.
- Communication Skills: Strong written and verbal communication skills, with the ability to clearly report on security incidents and explain technical details to non-technical stakeholders.
- Adaptability: Ability to work effectively in a fast-paced environment where threats and challenges are constantly evolving. You stay calm under pressure and thrive in high-stakes situations.
- Humor: A great sense of humor, because even in the high-stakes world of SOC operations, we believe in creating a positive and enjoyable work environment. If you can keep the team focused and upbeat during intense shifts, you're our kind of analyst.
Educational Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience in SOC operations with a proven track record in incident response is also valued.
- Certifications such as Certified SOC Analyst (CSA), CompTIA Security+, GIAC Certified Incident Handler (GCIH), or Certified Information Systems Security Professional (CISSP) are highly desirable.
Experience Requirements:
- 3+ years of experience working in a SOC or cybersecurity environment, with hands-on experience monitoring, detecting, and responding to security incidents.
- Experience with SIEM tools, such as Splunk, QRadar, or similar, and familiarity with endpoint detection and response (EDR) platforms.
- Experience handling security incidents in industries with strict compliance requirements, such as finance, healthcare, or government, is a plus.
Benefits
Benefits:
- Health and Wellness: Comprehensive medical, dental, and vision insurance plans with low co-pays and premiums.
- Paid Time Off: Competitive vacation, sick leave, and 20 paid holidays per year.
- Work-Life Balance: Flexible work schedules and telecommuting options.
- Professional Development: Opportunities for training, certification reimbursement, and career advancement programs.
- Wellness Programs: Access to wellness programs, including gym memberships, health screenings, and mental health resources.
- Life and Disability Insurance: Life insurance and short-term/long-term disability coverage.
- Employee Assistance Program (EAP): Confidential counseling and support services for personal and professional challenges.
- Tuition Reimbursement: Financial assistance for continuing education and professional development.
- Community Engagement: Opportunities to participate in community service and volunteer activities.
- Recognition Programs: Employee recognition programs to celebrate achievements and milestones.