Analyst, Security Operations Center

Brightspeed, Charlotte, NC
Hybrid

About The Position

We are currently looking for an Analyst, Security Operations Center to join our growing Operations team! In this role, you will report directly to the Manager, Security Operations Center. You will manage event and information intake to include intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and infrastructure groups as necessary. You will be part of a critical team on-call 24x7 to manage critical incidents. You will work shift-based hours, sometimes holding night shifts.

Requirements

  • Associate's degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
  • Experience managing cases/incidents
  • Ability to think analytically
  • Robust creativity and problem-solving skills
  • Knowledge of technical systems and terminology
  • Proficiency in threat management analysis and dissemination
  • Proficiency in scripting languages
  • Advanced written and verbal communication skills

Nice To Haves

  • Bachelor's Degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
  • Information Security Certification, preferred:
      • GSEC
      • Security+
      • GIAC
  • Python or PowerShell scripting
  • Azure Sentinel and CrowdStrike experience
  • A solid understanding of networking and cyber security concepts
  • Aptitude in solving problems independently
  • Demonstrated problem-solving skills
  • Sound decision-making ability
  • Must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
  • Strong analytical and time management skills

Responsibilities

  • Ability to work shift hours, including night shifts.
  • Review incidents to assess their urgency and escalate incidents if necessary
  • Triage alerts
  • Correlate and analyze events and data to determine the scope of cyber security incidents
  • Recognize attacker tactics, techniques, and procedures as potential indicators of compromise (IOCs) to improve monitoring, analysis, and incident response
  • Assist in tuning SIEM and IDS alerting to reduce false positives, improve productivity, and improve detection capabilities
  • Develop automation playbooks
  • Provide prescriptive remediation guidance to IT and network teams
  • Document incident responses with the detailed root cause and recommendations
  • Provide 24x7 (on-call) support
  • Monitor and manage/support all event sources
  • Use the SIEM, SOAR, DLP tools, Cloud Posture Management, Endpoint Management, Endpoint Protection Systems (EDR/XDR), and other security tools to monitor and manage security incidents
  • Participate in organizational projects, as required
  • Ticket & Ticket Management

Benefits

  • We offer competitive compensation and comprehensive benefits.
  • Our benefits and paid time off programs reflect our underlying belief in promoting overall wellness through physical, emotional and financial health.
  • Brightspeed offers a comprehensive benefit program, including competitive medical, dental, vision, and life insurance; an employee assistance program; a 401K plan with company match and a host of voluntary benefits.