Information Security Operation Center Analyst

About The Position

Requirements

• Bachelor’s degree or equivalent education and experience
• 5 years information technology experience
• Minimum 1 year in a SOC analyst or incident response role
• Possess excellent analytical skills and keen attention to detail in execution of tasks, while still seeing the big picture and maintaining curiosity of additional elements that should be investigated
• Knowledge of the MITRE ATT&CK framework and common cyber threat attack paths
• Use business knowledge, innovative thinking, and sound judgment to resolve problems and challenges
• Strong written communication skills – able to clearly document incident investigation work
• Practical knowledge of corporate computing environments
• Ability to communicate technical subject matter to non-technical individuals for security awareness training
• Ability to prioritize and organize tasks in a dynamic business environment
• Able to accomplish goals while working as a member of a team or independently
• Knowledge of security best practices

Nice To Haves

• Professional certification such as CySA+, Security+, or GSEC
• Hands on experience with and knowledge of Palo Alto Security tools
• Knowledge of Information Technology Infrastructure Library (ITIL) standards and processes
• Experience configuring infrastructure systems and knowledge of network protocols

Responsibilities

• Investigate and respond to suspicious email threats while continuously improving detection rules, user reporting workflows, and phishing defense capabilities based on observed attack patterns and trends
• Thoroughly investigate and respond to cyber events and incidents, applying advanced analytical techniques to determine root cause, scope impact, and coordinate containment, eradication, and recovery efforts.
• Learn, refine, maintain, and operationalize incident response playbooks while also remaining curious and exercising advanced technical knowledge and judgement appropriate to each situation, ensuring consistent execution during incidents and incorporating lessons learned to improve response effectiveness.
• Document, refine, and automate security processes using SOAR capabilities to improve response efficiency, consistency, and scalability across incident handling workflows
• Work within purple team to test detection of attacker TTPs and tune out false positive results. This involves understanding the steps threat actors would take to compromise our systems and where each of our controls might prevent, detect, or alert to this activity and testing to validate the desired control activity is achieved without generating excessive false positives.
• Recommend security solutions and practices that protect company services and assets and assist engineers in the implementation.
• Ensure logs from all appropriate systems are being ingested to ensure Continuous Monitoring and Anomaly Detection and/or Forensic Investigations can find all malicious behavior
• Work with business stakeholders to make sure accounts and privileges are properly maintained throughout their lifecycle to ensure the principles of least privilege are followed.
• Maintain a current awareness of information security issues and trends that are relevant to the Brooks ecosystem in order to understand how emerging threats and technologies might impact the security and availability of Brooks
• Maintain professional security certifications and accreditations
• Other responsibilities as required

Benefits

• medical, dental, vision, life and AD&D insurance, disability insurance, HSA and employer contribution, FSA, family & fertility assistance, 401K Savings Plan and match, employee assistance program, and transportation assistance.
• five weeks of paid time off, eleven paid holidays, and paid sick and parental leave.
• annual bonus based on company performance.
• product discounts, employee recognition, fitness discounts, volunteer and donation benefits.