SOC Analyst III, Digital Forensics & Incident Response

Overview

On Site
$65.00 - $95.00 per annum
Contract - W2
Contract - 12-18 month(s)

Skills

Security Operations Center
SOC
Incident Response
Digital Forensics
SIEM
Splunk Log Analysis
Cloud Security
Azure Security
Darktrace
CrowdStrike EDR
SOAR

Job Details

SOC Analyst III, Digital Forensics & Incident Response

Employment Type: Contract-to-hire


Workplace Type: Hybrid (2 days onsite, 3 days WFH)


Location: Los Angeles, CA


Industry: Financial Services


Pay Rate: $65-$95 hourly

SUMMARY:

We are seeking a Security Operations Center professional to join our client's Cybersecurity Operations team in their Los Angeles location. The ideal candidate will have professional experience working in an enterprise security operations center, has a strong background in defensive security operations, and is passionate about information security operations, threat intelligence, and threat hunting.

DUTIES & RESPONSIBILITIES:

  • Detects, identifies, and responds to cyber events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures

  • Performs deep forensic analysis and artifact recovery across various operating systems, including but not limited to Windows, Macintosh, iOS, Linux, and Android, as well as internal application and log analysis

  • Take ownership of and lead end-to-end investigations into high-severity security incidents, such as advanced persistent threats (APTs), targeted attacks, and insider threats.

  • Provide after-hours/on-call support for critical incidents.

  • Proficient in Incident Response and automation workflows as they relate to Security Operations

  • Ability to develop procedures and documentation to support an effective security operations program

  • Responsible for documenting the incident life cycle, conducting handoffs, escalation, and providing support during cyber incidents

  • Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention)

  • Proficient in Threat Research and understanding the latest malware trends, common attack TTPs, and the general threat landscape

  • Demonstrates ability to author content using a variety of query languages, as well as scripting for event enrichment and investigation

  • Conducts threat hunting and analysis using various toolsets based on intelligence gathered

  • Partner with the security engineering and platform engineering teams to improve tool usage and workflow

  • Build and execute a program for continuous security controls testing and validation

  • Perform other duties as planned


QUALIFICATIONS

  • Bachelor's degree or equivalent relevant work experience in Computer Science, Information Technology, Business, Intelligence, or Security Operations

  • Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC a plus, but are not required

  • 5+ years of work experience, with 3+ years of experience in Cybersecurity, or with a reputable services/consulting firm offering security operations consulting, or equivalent public sector experience

  • Experience engaging in a 24x7 operational environment

  • Experience in scripting languages such as PowerShell or Python

  • Experience with a SOAR (Security Orchestration, Automation and Response) platform preferred

  • Experience should demonstrate a sharp security mindset, initiative to solve problems, and teamwork

  • Elevated level of personal integrity, honesty, and character

  • Proactive, analytical mindset with strong problem-solving skills and attention to detail.

  • Able to professionally handle confidential matters and show an appropriate level of judgment and maturity

  • Strong understanding of offensive and defensive security

  • Keen sense of ownership, accountability, curiosity, and independent thinking

  • Comfort in dealing with ambiguity, stress, and uncertainty in a dynamic environment

  • Well-developed analytic, critical thinking skills and demonstrated problem-solving abilities and decision-making skills.

  • Experience with one or more Security Information and Event Management (SIEM) solutions

  • Experience in security monitoring, Incident Response (IR), and security tools configuration and tuning

  • Strong knowledge and experience in Security Event Analysis

  • Excellent in security incident handling, documentation, root cause analysis, troubleshooting and publishing post-Incident Reports.

  • Knowledge of cyber security frameworks and attack methodologies

  • Experience working with EDR, email defense, and other security operations tools

  • Inquisitive and committed to continual improvement/learning

  • Ability to be flexible in terms of hours to coordinate effectively with team members across time zones

  • Excellent communication (written, verbal, presentation, documentation) and client service skills; capability of interacting with stakeholders to drive project/task/support engagement

  • Ability to interact effectively at all levels with sensitivity to cultural diversity
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles county, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.