Overview
Skills
Job Details
L3 Sumo Logic SOC Analyst
Fulltime
Dallas, Texas
Hybrid
IMMEDIATE new job opening for L3 SOC Analyst to join our clients Dallas based team and work in a hybrid setting. This position is responsible for heavy log analysis, monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber threats, e.g. vulnerability exploitation, malware, cyber-attacks, etc.; serving as a technical escalation resource and provide mentoring for Tier 1 and 2 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team including; cyber threat hunters, threat intelligence analysts and forensic investigators; participating and take active role in red-team/blue-team simulated attacks and table top exercises; partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.
Responsibilities
Monitor multiple feeds in a 24/7 environment to detect and respond to cyber threats.
Serve as a technical escalation resource for Tier 1 SOC analysts.
Mentor and help manage Tier 1 and 2 SOC analysts.
Collaborate with multiple teams and personnel within the Cyber defense team.
Participate in red-team/blue-team simulated attacks and tabletop exercises.
Partner with Security Design and Architecture Engineers to enhance SOC capabilities.
Requirements
Bachelor's Degree and 4 years' work experience in a relevant role, or 4-8 years related work experience.
**Sumo Logic Experience Required! Ideally 4+ years
**Experience working for an MSSP at least 2+ recent years
Experience building queries and extracting data from logs
- Log analytics experience
Certified Blue Team Level 2, or SAN Certification
Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight).
Log parsing and analysis skills with experience developing correlation rules.
Experience with NIDS/HIPS/EDR infrastructure & tools.
Experience with signature development/management (e.g. Snort rules, Yara rules).
Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness).
Experience mentoring and training junior analysts.
Working knowledge of current cyber threat landscape.
Working knowledge of Windows and Unix/Linux.
Working knowledge of Firewall and Proxy technology.
Knowledge of malware operation and indicators.
Knowledge of Data Loss Prevention monitoring.
Knowledge of forensic techniques.
Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP).
Knowledge of penetration techniques.
Nice-to-haves
Bachelor's Degree in Computer Science or Information Systems.
Experience in an enterprise environment with tools like ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop.
Experience in System or Network Administration, Penetration Testing, or Application Development.
Security Certifications Preferred (e.g. CSX Practitioner, GCIH, GIAC, OSCP, CEPT, CISSP, CCNA, Microsoft, Linux, Solaris certifications).
**To view all of our open positions, please visit: .