Sr. SOC Analyst

Overview

On Site
$100,000 - $110,000
Full Time

Skills

SOC Analyst
Security Operations Center
Analyst
SIEM
Firewalls
IDS
IPS
Linux
Windows
Python
Java
C++
triage
incident management

Job Details

Sr. SOC Analyst (candidates may come from a Developer, Systems Administrator or Threat Hunter background; see the qualification sections below)

Location: Irvine, CA

MANAGER NOTES:

- At least 4 years of experience as a SOC analyst, including incident response.

- Experience in managing and tuning SIEM products

- Experience installing network security devices (FW, IDS/IPS, etc.) and servers (Linux/Windows, etc.)

- At least 5 years of IT experience preferred.

General Position Summary

This position is responsible for providing advanced-level security monitoring services to client companies by collecting security events from security devices, network devices and endpoints in the customer's network into the security monitoring system hosted in a data center. This senior role is also accountable for developing SIEM content and tooling to enhance the SOC's capabilities.

PRIMARY RESPONSIBILITIES

  • Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities.

o Coordinate and collaborate with others for the investigation, remediation, and implementation of preventative measures for cybersecurity events and incidents.

o Manage escalations received from Tier I SOC Analysts.

o Triage and investigate events to identify security incidents.

o Provide detailed analysis of security events and investigations.

o Recommend actions to customers for cybersecurity events and incidents.

o Log security incidents in the case management system, managing security incidents throughout their lifecycle to closure.

  • Develop SIEM content and other programs to improve SOC efficiency and detection capability.

o Enhance existing programs, troubleshooting as necessary.

o Develop SIEM content such as correlation rules and reports.

o Develop integration programs such as log collection scripts, remediation scripts, etc.

  • Serve as a subject matter expert in at least one security-related area (e.g. specific security solution, Windows, etc.).
  • Provide technical support for the SOC services and security products that the client delivers.
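As an added illustration of the kind of SIEM content the responsibilities above refer to (this is not code from the posting or from any SIEM product), the following Python correlation rule flags a source address that produces a burst of failed SSH logins for an account and then succeeds for the same account within a time window. The log lines are constructed for the example; the rule name, threshold and window are assumptions a real deployment would tune.

```python
"""Minimal SIEM-style correlation rule: N or more failed logons followed by a
successful logon for the same (source, user) inside a window.
Added illustration only; sample log lines below are constructed, not real data."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd-style auth events (syslog-like). Not from any real system.
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[1201]: Failed password for alice from 203.0.113.7 port 51000 ssh2
2024-03-01T10:00:03 sshd[1202]: Failed password for alice from 203.0.113.7 port 51001 ssh2
2024-03-01T10:00:05 sshd[1203]: Failed password for alice from 203.0.113.7 port 51002 ssh2
2024-03-01T10:00:06 sshd[1204]: Failed password for alice from 203.0.113.7 port 51003 ssh2
2024-03-01T10:00:09 sshd[1205]: Failed password for alice from 203.0.113.7 port 51004 ssh2
2024-03-01T10:00:12 sshd[1206]: Accepted password for alice from 203.0.113.7 port 51005 ssh2
2024-03-01T10:05:00 sshd[1210]: Failed password for bob from 198.51.100.9 port 40000 ssh2
2024-03-01T10:05:02 sshd[1211]: Failed password for bob from 198.51.100.9 port 40001 ssh2
2024-03-01T10:30:00 sshd[1220]: Accepted password for bob from 198.51.100.9 port 40002 ssh2
2024-03-01T10:40:00 sshd[1230]: Accepted publickey for carol from 192.0.2.44 port 60000 ssh2
"""

# Parser for the constructed format above (a real pipeline would use the SIEM's own parser).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) (?:password|publickey) "
    r"for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(text):
    """Turn raw lines into normalized event dicts; unparsable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "ok": m["result"] == "Accepted",
            "user": m["user"],
            "src": m["src"],
        })
    return events


def brute_force_then_success(events, threshold=5, window=timedelta(minutes=10)):
    """Return one alert per (src, user) that has >= threshold failures followed by
    a success inside `window`. Events are sorted first so out-of-order ingestion
    does not break the correlation; failures older than the window are pruned."""
    failures = defaultdict(list)  # (src, user) -> timestamps of recent failures
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["src"], ev["user"])
        recent = [t for t in failures[key] if ev["ts"] - t <= window]
        if not ev["ok"]:
            recent.append(ev["ts"])
            failures[key] = recent
            continue
        if len(recent) >= threshold:
            alerts.append({
                "rule": "ssh_bruteforce_then_success",  # hypothetical rule name
                "src": ev["src"],
                "user": ev["user"],
                "failures": len(recent),
                "first_failure": recent[0].isoformat(),
                "success_at": ev["ts"].isoformat(),
            })
        failures[key] = []  # a success closes the window for this pair either way
    return alerts


def run(text=SAMPLE_LOG):
    """Parse the sample log and evaluate the rule; returns the list of alerts."""
    return brute_force_then_success(parse(text))


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

In the constructed sample, only the alice/203.0.113.7 pair fires: bob's two failures are below the threshold and his later success falls outside the window, and carol's key-based login has no preceding failures. The `threshold` and `window` parameters are exactly what "SIEM tuning" means in practice: too low and the rule drowns Tier I in alerts from users mistyping passwords, too high and a slow, patient attacker never trips it.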

OTHER & MISCELLANEOUS

  • Provide coaching, training, and support development of documentation for Tier I SOC Analysts.
  • Manage stakeholders' expectations and relationships in pre-sales and post-sales activities, including onsite visits.
  • Provide routine reporting to customers.
  • Seek continuous improvement and more efficient, less expensive ways of working.
  • Perform maintenance and enhancement of the SOC service, including SIEM content, SOC documents, SOC tools, and SOC infrastructure.
  • Perform special projects and other miscellaneous duties as assigned by management, including supporting ad-hoc data and investigation requests.
  • Report all irregular issues and problems to management for resolution.
  • Maintain high ethical standards in the workplace.
  • Maintain good communication with management, office staff members, and outside contacts.
  • Comply with all company policies and procedures, including maintaining a clean and safe working area.

Qualifications (if Developer)

Education & Work Experience

  • At least 4 years of experience as a SOC analyst, including event triage and incident management.
  • Prior experience with SIEM tuning and administration.
  • Proficiency in common programming languages such as Python, Java and C++, and their associated frameworks.
  • Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management.
  • Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors.
  • Ability to multitask, including answering multiple calls, prioritizing emails, instant messaging/chat environments, and ticket-related communications. Prior experience working in a fast-paced environment with the ability to manage workloads when handling incident responses with competing priorities.

Qualifications (if Threat Hunter)

Education & Work Experience

  • At least 4 years of experience as a SOC analyst, including event triage and incident management.
  • Prior experience with SIEM tuning and administration.
  • Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management.
  • Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors.
  • Ability to multitask, including answering multiple calls, prioritizing emails, instant messaging/chat environments, and ticket-related communications. Prior experience working in a fast-paced environment with the ability to manage workloads when handling incident responses with competing priorities.
  • Bachelor's degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, Security & Risk Management, etc.). Master's degree preferred.
  • Previous experience in incident investigation utilizing EDR tools.
  • Advanced knowledge and strong interest in cybersecurity (attack methods, malware techniques, etc.).
  • Fluent in English, both written and verbal, with excellent oral and written communication skills.
  • Experience with reporting tools.

Qualifications (if System Admin)

Education & Work Experience

  • At least 4 years of experience as a SOC analyst, including event triage and incident management.
  • Prior experience with SIEM tuning and administration.
  • Proven experience as a System Administrator, Network Administrator or similar role.
  • Relevant cybersecurity experience including SIEM operations, forensic acquisition and analysis of evidence, event management, and incident management.
  • Demonstrated experience with leading incident response calls, meetings, and activities by providing direction to other team members and partner vendors.
  • Ability to multitask, including answering multiple calls, prioritizing emails, instant messaging/chat environments, and ticket-related communications. Prior experience working in a fast-paced environment with the ability to manage workloads when handling incident responses with competing priorities.
  • Bachelor's degree in a relevant field of study (e.g. Cybersecurity, Information Systems, Computer Science, Security & Risk Management, etc.). Master's degree preferred.
  • Previous experience in incident investigation utilizing EDR tools.
  • Advanced knowledge and strong interest in cybersecurity (attack methods, malware techniques, etc.).
  • Fluent in English, both written and verbal, with excellent oral and written communication skills.
  • Experience with reporting tools.

Tools & Equipment

  • Software includes the Windows operating system and MS Office.
  • General office equipment including phones, fax, copier, personal computer, printer, scanner, etc.

Certificates/Licenses

  • CISSP or GIAC 50X or above (required)
  • MCSE, MCP, CCNA, Security+ (preferred)

About RightStaff Technical Resources