Overview
Skills
Job Details
SOC Analyst _ 2+ years experience - Onsite @ Okemos, Michigan
The Security Analyst is responsible for executing processes that prevent, detect and respond to security events across the organization. The analyst will stay informed of advances in attacker techniques and provide feedback for improvements to tools and processes as needed. Additional responsibilities include: identifying vulnerabilities and creating remediation plans. Ensure that SIEM tools are functioning appropriately, and take an active role in responding to security alerts, assessing and quickly containing malicious activity. The Security Analyst will staff a 24x7x365 Security Operations Center (SOC) and must be able to adjust to a flexible work schedule when necessary.
Essential Job Duties & Responsibilities
Monitor SIEM alerts from a variety of application and infrastructure platforms and leverage additional security tools for executing triage and incident escalation processes.
Research security trends and recommend improvements.
Validate the effectiveness of security tools through rigorous testing, tuning and continuous improvement.
As needed, administer security changes such as add/change/delete user accounts or group profiles and maintain user access lists.
Maintain confidentiality on all sensitive security matters.
Know and enforce all information security policies
Identification of security system status or security changes that are not within governance for SOC Tools
Provide alert monitoring, investigation and analysis across all SOC security tools
Document security alerts according to SOC procedures.
Record and produce metrics as assigned.
Monitor SOC mailboxes and respond within service level agreements
Monitor SOC Help Desk ticket queue and provide resolution within service level agreements
Must be able to adjust to a flexible work schedule when necessary.
Other Duties
Provide on-call support, as needed, for emergency security issues
Other duties as assigned.
Knowledge, Skills & Abilities
Experience with system administration tasks across multiple operating systems deployed in both physical and virtual environments.
Experience with authentication, authorization and auditing technologies and how they are implemented in different environments.
Familiar with vulnerability assessments processes, penetration testing techniques and audit procedures.
Solid written and verbal communication skills.
Ability to multi-task, troubleshoot and resolve problems.
Ability to work independently and in a team environment.
Platform-specific and platform independent scripting skills are a strong plus.