Security Operations Center Analyst III

About The Position

Requirements

• Minimum 7 years in IT
• 5 years in Incident Response
• Security Certification
• Security+
• CEH
• OSCP/OSCE
• CISSP
• CISA
• GIAC
• 5+ years of cybersecurity incident response experience with excellent background in networking and security to include intrusion detection/prevention
• Excellent knowledge of security applications such as IDS, IPS, EDR, SIEM, next-gen AV and anomaly detection tools
• Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks.)
• Excellent knowledge of the 6 phases in Cyber incident response plan
• Wide knowledge of application and IT product diversity, interoperability, and extensive knowledge in IT security
• Ability to configure and conduct vulnerability scans using VM tools such as Tenable.io and Tanium

Nice To Haves

• 10 years in IT
• Minimum 7 years in Incident Response

Responsibilities

• Receive, characterize, and analyze endpoint and network alerts from various sources within the enterprise and determine possible causes of such alerts to identify anomalous activity and potential threats to network resources and users
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack
• Serve as an escalation point to SOC Analysts providing support, guidance, as well as work and track security incidents through final resolution
• Create and maintain incident response processes, procedures and blueprints. Documenting and maintaining knowledge base of incident methodologies and plans

Benefits

• For information on Sysco’s Benefits, please visit https://SyscoBenefits.com