Cybersecurity / SOC Analyst II

About The Position

Requirements

• Ability to develop specific proactive procedures for detection of security breaches
• Strong working knowledge of incident response and handling methodologies
• Strong working knowledge in operating systems, networking, MS Active Directory
• Good working knowledge of SaaS-based cloud application security and cloud platforms such as Azure
• Experience in collaborating with system and network administrators to help remediate the impact of identified risks and vulnerabilities at the platform level.
• Demonstrate conceptual, analytical and innovative problem-solving skills
• Ability to conduct independent research and analysis in the event of a security breach
• Identify issues, formulate strategy, and proactively remediate security risks
• Ability to draw conclusions and make recommendations based on analysis and findings
• Self-starter who is a team player that embraces collaboration.
• Demonstrate knowledge of security controls for network, application and operating systems.
• Knowledge and use of the MITRE ATT&CK framework
• Demonstrate interpersonal skills; including the ability to work effectively in a team environment.
• Capacity to work independently and willingness to seek advice/assistance from others.
• Security Incident Handling and Response and Threat Management
• Encryption/cryptography standards, protocols and best practices
• Strong knowledge on analyzing malicious payloads (malware/spyware)
• Strong knowledge on performing email investigation
• In-depth knowledge of various security technologies including: IDS/IPS EDR/NDR/XDR CASB Firewalls and next-generation firewalls (NGFW) Cyber threat intelligence feeds and databases Log management systems/SIEM Web application firewalls Vulnerability scanners and penetration testing tools Network security best practices
• Experience working in a 24/7 SOC environment
• Bachelor’s Degree in Computer Information Systems, Computer Science, MIS, Engineering or related technical discipline. Equivalent work experience in the Information Technology field will be considered coupled with relevant Cyber Security certifications
• Minimum 3 years of direct information security experience within an Information Technology organization
• Excellent time management and organizational skills.
• Excellent documentation skills.
• Willingness to work outside of regular business hours as required which may include evenings, nights, weekends, holidays.

Nice To Haves

• Relevant industry certifications preferred
• Blue Team Level I
• Blue Team Level II
• Palo Alto Network Security Professional
• CompTIA Cloud+
• Cisco Certified Network Associate (CCNA)
• CompTIA Cybersecurity Analyst (CYSA+)
• One or more MITRE ATT&CK Defender certifications preferred but not required (e.g., Cyber Threat Intelligence, SOC Assessment)

Responsibilities

• Security Operations Monitoring: Investigate and analyze detections from a diverse set of security tools (NGFW, EDR, NDR, TIP, SIEM) within a high-availability, 24/7/365 operational environment to ensure proactive threat detection and continuous protection.
• Security Operations Management: Oversee the configuration, optimization, and management of security tools utilized by the SOC to enhance detection, response, and overall security posture.
• Incident Response: Conduct thorough investigations of detections escalated by junior analysts to evaluate the scope of the attack, identify affected systems, and determine the necessary steps for further analysis.
• Program Enhancement: Collaborate in the development and refinement of SOC processes and procedures to keep the SOC aligned with the ever-evolving threat landscape, ensuring operational efficiency and readiness.
• Threat Intelligence and Awareness: Stay informed on emerging and existing threats by analyzing attacker tactics, techniques, and procedures, and reviewing security event reports to proactively strengthen defenses.
• Mentorship and Guidance: Provide guidance and support to junior analysts in reviewing detections and incidents, ensuring they follow best practices for investigation and response.
• Threat Analysis: Perform analysis of threats, including malware analysis and network forensics, to uncover malicious activity and enhance detection capabilities.

Benefits

• Personalized Health Care: Multiple medical, dental, and vision plan options; Employee Assistance Program
• Financial Benefits: Competitive salary and incentive packages; matching 401(k); FSAs and HSA; employer-paid life and AD&D insurance; paid leave & disability programs
• Social Wellness: 19+ days of PTO; mental health counseling & resources; fertility, surrogacy, and adoption assistance; volunteer days and donation matching
• Career Development: Learning & training programs; tuition & certification reimbursement; internal advancement opportunities