Sr. SOC Sumo Logic Pure Log Analyst

Overview

Remote
Hybrid
Depends on Experience
Full Time

Skills

Analytics
Apache Hadoop
Application Development
ArcSight
Penetration Testing
SIEM
Splunk
TCP/IP
Security Operations
Mentorship
Firewall
Computer Networking
Log Analysis
SumoLogic
management
lead
train

Job Details

Sr. SOC Sumo Logic Pure Log Analyst

Fulltime

Dallas, Texas

Remote option

 

IMMEDIATE new job opening for L3 SOC Analyst to join our clients Dallas based team and work in a hybrid setting.  This position is responsible for heavy log analysis, monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber threats, e.g. vulnerability exploitation, malware, cyber-attacks, etc.; serving as a technical escalation resource and provide mentoring for Tier 1 and 2 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team including; cyber threat hunters, threat intelligence analysts and forensic investigators; participating and take active role in red-team/blue-team simulated attacks and table top exercises; partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.


Responsibilities
• Monitor multiple feeds in a 24/7 environment to detect and respond to cyber threats.
• Serve as a technical escalation resource for Tier 1 SOC analysts.
• Mentor and help manage Tier 1 and 2 SOC analysts.
• Collaborate with multiple teams and personnel within the Cyber defense team.
• Participate in red-team/blue-team simulated attacks and tabletop exercises.
• Partner with Security Design and Architecture Engineers to enhance SOC capabilities.

Requirements
• Bachelor's Degree and 4 years' work experience in a relevant role, or 4-8 years related work experience.

**Sumo Logic Experience Required! Ideally 4+ years

**Experience workin for an MSSP at least 2+ recent years
• Experience building queries and extracting data from logs

  • Log analytics experience
    • Certified Blue Team Level 2, or SAN Certification
    • Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight).
    • Log parsing and analysis skills with experience developing correlation rules.
    • Experience with NIDS/HIPS/EDR infrastructure & tools.
    • Experience with signature development/management (e.g. Snort rules, Yara rules).
    • Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness).
    • Experience mentoring and training junior analysts.
    • Working knowledge of current cyber threat landscape.
    • Working knowledge of Windows and Unix/Linux.
    • Working knowledge of Firewall and Proxy technology.
    • Knowledge of malware operation and indicators.
    • Knowledge of Data Loss Prevention monitoring.
    • Knowledge of forensic techniques.
    • Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP).
    • Knowledge of penetration techniques.
    Nice-to-haves
    • Bachelor's Degree in Computer Science or Information Systems.
    • Experience in an enterprise environment with tools like ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop.
    • Experience in System or Network Administration, Penetration Testing, or Application Development.
    • Security Certifications Preferred (e.g. CSX Practitioner, GCIH, GIAC, OSCP, CEPT, CISSP, CCNA, Microsoft, Linux, Solaris certifications).

 

 

 

**To view all of our open positions, please visit: .

 

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.