Our client, a Fortune 500 company located in Alpharetta, GA, has multiple openings to join their high-performing SOC team. There's strong potential for growth from within. They have a great company culture and awesome benefits. This position is a permanent REMOTE opportunity. When the pandemic is over, analysts will be on site at their SOC in Alpharetta, GA.
The position requires experience analyzing malware and other related cyber threats and implementing and maintaining security and analysis solutions for large enterprises, with knowledge of large-scale threat analysis of event data from commercial and open source infrastructure technology platforms.
The analyst is responsible for the management, detection and analysis support that enables global incident response and security operations. Additionally, the analyst is responsible for developing and maintaining the threat monitoring capabilities used by the Security Operations Center team.
He/she will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. The SOC Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. The Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, a strong understanding of the OSI model, and have a good working knowledge of defense in depth strategies.
The Analyst must be competent to work at a technical level, be capable of identifying threats and vectors that cause security events, and be able to follow defined procedures for mitigating said threats.
Skills and attributes for success
· Knowledge of how to respond to network- and host-based security events
· Ability to participate in detecting, investigating, and resolving security events
· Capable of working independently
· Participate in detecting, investigating, and resolving security events
· Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.) to identify information security incidents
· Identify and propose areas for improvement within the SOC
· Good communication skills
To qualify for the role you must have
· Bachelor's in Computer Science, Information Systems, Engineering or 2 - 3 years of related work experience.
· Minimum of 1-2 years of experience in one or more of the following:
· Working in a Security Monitoring/Security Operations Center environment (SOC)
· Experience investigating security events, threats and/or vulnerabilities
· Demonstrated incident handling ability
· Demonstrated ability to analyze log output from various devices
· Understanding of electronic investigation and log correlation
· Proficiency with the latest intrusion detection platforms; working knowledge of Windows systems administration (including AD) and/or Linux
Ideally, you’ll also have
· Extensive experience working with SIEM, Log Aggregators, Incident Response Management solutions
· Strong technical knowledge of Networking, Operating Systems and enterprise integrations
· Experience managing standards, developing Security Operations Process, reporting and dashboards
· Excellent communication, collaboration, relationship management and leadership
· Self-directed and able to perform tasks without supervision
· Information Security Principles, Technologies, and Practices
· Proven experience with multiple security event detection platforms
· Thorough understanding of TCP/IP
· Understanding of IDS / IPS rules to identify and/or prevent malicious activity
· Demonstrated integrity in a professional environment
· Good social, communication and technical writing skills
· Desired Certifications - SSCP, CEH, GCIH, GCFA, GCIA, GSEC, GIAC, Security+