As a Fusion SOC Shift Lead you will support the Security Operations Center (SOC) as a lead, performing threat-actor-based investigations, recommending detection methodologies and providing expert support to incident response and monitoring functions.
- Act as the main interface point between Service Delivery Managers and SOC service teams
- Act as an escalation point and/or SME for all advanced security incident escalations from L1 analysts
- Responsible for all SOC shift activities
- Perform review and final sign-off of all runbooks and playbooks
- Assign and prioritize tasks/tickets to the SOC shift team
- Manage ticket queues, including escalation of outstanding tickets, tickets requiring updates, and escalation of open tickets where necessary
- Provide guidance on processes and procedures specific to the client's monitoring environment
- Responsible for meeting Service Level Agreement (SLA) requirements
- Ensure quality standards are being met by doing ticket audits and reviewing and completing shift turnover logs
- Responsible for leading SOC shift handover calls
- Provide continuous improvement and on the job training (OJT) for SOC analysts
- Manage PTO requests and other schedule issues that impact SOC operations
- Coordinate with Cyber Security Engineers to resolve Security Information and Event Management (SIEM) health issues
- Coordinate with Service Delivery Managers (SDMs) to enforce specific client requests and provide monitoring updates
- Coordinate with SDMs to process and complete non-JIRA incidents
- Monitor incident tickets and provide feedback/guidance on trends, patterns and anomalies
- Point of escalation for operations/security issues
- Ensure the quality of FMS SOC service delivery, including that policies and Service Level Agreements are met
- Assist with analytic and investigative support of large-scale and complex security incidents
- Communicate SOC client service delivery issues to SDM and coordinate remediation
- Attend client calls as and when needed to assist SDMs with dissemination of security and event information
- Familiarity with tools such as: IDS/IPS, DLP, Proxy, WAF, EDR, AV, MVM, Sandboxing, FWs, Threat Intel, Pen Testing, APT
- Analysis of network data (e.g. packets, logs) and endpoint data (e.g. logs, malicious artifacts) using both structured and unstructured methods, a SIEM and various tools
- Review SOC reports and deliverables
- Manage security event investigations partnering with other teams as needed
- Actively seek self-improvement through continuous learning and pursue advancement to SOC Manager
Qualifications
Required:
- Bachelor of Science with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines, or equivalent work experience
- Overall 2 years working in a SOC and a minimum of 6 months in an L2 analyst or equivalent capacity, and/or strong security technology operations experience as a Senior Analyst/Shift Lead
- Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent certification
- Able to work shifts on a rotating basis for 24/7 operational support
- Experience in security technologies such as: Security Information and Event Management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint Detection and Response (EDR), Anti-Virus, Sandboxing, network- and host-based firewalls, Threat Intelligence, Penetration Testing, etc.
- Knowledge of Advanced Persistent Threat (APT) tactics, techniques and procedures
- Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
- Understanding of common network infrastructure devices such as routers and switches
- Understanding of basic networking protocols such as TCP/IP, DNS and HTTP
- Basic knowledge in system security architecture and security solutions
Preferred:
- Proven ability to translate complex information sets into specific recommendations that customers can action to enhance their security posture
- Working knowledge of threat analysis and enterprise-level mitigation strategies
- Working knowledge of how malicious code operates and how technical vulnerabilities are exploited
- Working knowledge of operating systems and networking technologies in general
- Working knowledge of cyber threats, defenses, motivations and techniques
- Excellent interpersonal and organizational skills
- Excellent oral and written communication skills
- Strong analytical and problem-solving skills
- Self-motivated to improve knowledge and skills
- A strong desire to understand the what as well as the why and the how of security incidents
Required Experience:
IC