SOC Analyst (Tier 2)

About The Position

Requirements

• Minimum of a Bachelor’s degree or at least 3 years of equivalent cybersecurity professional experience.
• Minimum of one IAT Level I security industry specific certification (8570 Baseline Certifications) (i.e. A+ CE, CCNA-Security, CND, Network+ CE, SSCP or equivalent certifications).
• Full understanding of Tier 2 responsibilities/duties and how the duties feed into Team Lead and IR duties.
• The ability to clearly and effectively communicate to a wide audience with varying degrees of technical aptitude, such as management, other team members and clients.
• Conduct research and produce security risk assessments/reports when appropriate.
• Working knowledge of network protocols (TCP/IP, UDP, SMTP, SSH, etc.).
• Knowledge of Windows and Linux operating systems.
• Good understanding of Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) and SIEM technologies.
• Working knowledge of endpoint and network devices interoperability (servers, virtual machines, NGFWs, proxies, switches, routers). Possesses solid understanding of OSI Layer.
• Knowledge and experience in Cyber Threat and Intelligence gathering and analysis.
• Knowledge in how to read and interpret packet capture (PCAP) and log analysis.

Nice To Haves

• Strong desire to learn and willingness to be challenged.
• Passion and strong foundation in information security concepts.
• Knowledge and experience in Forensic and Malware Analysis
• Author Standard Operating Procedures (SOPs) and training documentation when needed.
• Minimum of one IAT Level II security industry specific certifications (8570 Baseline Certifications) (i.e. CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP).

Responsibilities

• Monitor network traffic for security events and perform triage analysis to identify security incidents.
• Respond to computer security incidents by collecting, analyzing, and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements.
• Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
• Utilize technologies to conduct host forensics, Endpoint Detection & Response, log analysis, and network forensics (full packet capture solution).
• Support cybersecurity root-cause analysis and investigative alerts to examine endpoint activity and network-based data.
• Support malware analysis, host and network, forensics, log analysis, and triage in support of incident response.
• Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response.
• Identify applications and operating systems of a network device based on network traffic,
• Reconstruct a malicious attack or activity-based off-network traffic
• Identify network mapping and operating system (OS) fingerprinting activities
• Work with key stakeholders to implement remediation plans in response to incidents.
• Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.
• Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave