L3 SOC Analyst

Overview

Remote
Depends on Experience
Full Time

Skills

Analytics
Apache Hadoop
Application Development
ArcSight
CISSP
Cisco Certifications
Collaboration
Computer Networking
Data Loss Prevention
Development Management
Ethernet
Firewall
GCIH
Linux
Log Analysis
Malware Analysis
Management
Mentorship
Microsoft
Microsoft Windows
Netwitness
Network
Network Administration
Network Layer
OSCP
Penetration Testing
Protocol Analysis
Proxies
SIEM
Security Operations
Snort
Solaris
Sourcefire
Splunk
System On A Chip
TCP/IP
Sumo Logic

Job Details

L3 SOC Analyst
Fulltime
Dallas, Texas

Hours: Mon-Fri 11AM - 7PM
Hybrid (Remote option)

IMMEDIATE new job opening for an L3 SOC Analyst to join our client's Dallas-based team and work in a hybrid setting. This position is responsible for heavy log analysis, monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber threats (e.g. vulnerability exploitation, malware, cyber-attacks, etc.); serving as a technical escalation resource and providing mentoring for Tier 1 and 2 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team, including cyber threat hunters, threat intelligence analysts and forensic investigators; participating and taking an active role in red-team/blue-team simulated attacks and tabletop exercises; and partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.
Responsibilities
Monitor multiple feeds in a 24/7 environment to detect and respond to cyber threats.
Serve as a technical escalation resource for Tier 1 SOC analysts.
Mentor and help manage Tier 1 and 2 SOC analysts.
Collaborate with multiple teams and personnel within the Cyber defense team.
Participate in red-team/blue-team simulated attacks and tabletop exercises.
Partner with Security Design and Architecture Engineers to enhance SOC capabilities.

Requirements
Bachelor's Degree and 4 years' work experience in a relevant role, or 4-8 years related work experience.
**Sumo Logic Experience Required! Ideally 4+ years
**Experience working for an MSSP, at least 2+ recent years
Experience building queries and extracting data from logs
Log analytics experience
Certified Blue Team Level 2, or SANS Certification
Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight).
Log parsing and analysis skills with experience developing correlation rules.
Experience with NIDS/HIPS/EDR infrastructure & tools.
Experience with signature development/management (e.g. Snort rules, Yara rules).
Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness).
Experience mentoring and training junior analysts.
Working knowledge of current cyber threat landscape.
Working knowledge of Windows and Unix/Linux.
Working knowledge of Firewall and Proxy technology.
Knowledge of malware operation and indicators.
Knowledge of Data Loss Prevention monitoring.
Knowledge of forensic techniques.
Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP).
Knowledge of penetration techniques.

Nice-to-haves
Bachelor's Degree in Computer Science or Information Systems.
Experience in an enterprise environment with tools like ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop.
Experience in System or Network Administration, Penetration Testing, or Application Development.
Security Certifications Preferred (e.g. CSX Practitioner, GCIH, GIAC, OSCP, CEPT, CISSP, CCNA, Microsoft, Linux, Solaris certifications).


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.