SOC and Information Security Analyst

Job Title: SOC and Information Security Analyst

Work Location: Temple Terrace, FL (Remote)

Must Have Skills:

• Associate degree in Computer Science, Information Security, or a related field.
• 1 to 3 years of experience in a security-related role.
• Fundamental knowledge of Cyber Security technologies.
• Understanding of the threat landscape and indicators of compromise.
• Strong problem-solving skills.
• Proactively engage with customers, client executives, and management teams.
• Excellent documentation and communication abilities in written and oral English.

Desired Skills:

• Bachelor's degree or higher in Computer Science, Information Security, or a related field.
• One or more years of experience in an Information Security Analyst position.
• Familiarity with basic cyber threat hunting techniques.
• Experience in incident response using different SIEMs and adhering to industry best practices.
• Proficiency in investigating security incidents, developing/tuning use cases, and understanding incident response protocols.
• Ability to create new content, searches, and scripts for tools like Splunk, QRadar, Sentinel, etc.
• Understanding of device logging, network troubleshooting, and device troubleshooting.
• Experience with incident response techniques such as network forensic analysis.
• Familiarity with Intrusion Prevention Systems (IPS) and analyzing alerts generated by inspection.
• Scripting knowledge in languages like Python, PowerShell, Bash Shell, Java, Ansible, etc.
• Relevant security certifications such as SANS GIAC, GCIH, CompTIA Security+, CCNP-Security, CySA+, GCED, CEH, or similar credentials.

Job Duties:

• Information Security Analysts are the backbone of the Security Operations Center (SOC), providing crucial support to enterprise-level customers.
• Tier-1 Security Analysts with at least one year of experience in security or technical troubleshooting roles, such as help desk, handle various tasks across various platforms.
• They play a pivotal role in the Security Incident and Event Management (SIEM) workflow, serving as the 24x7 "eyes on glass" who monitor alerts and escalate incidents as necessary.

Responsibilities:

• Conduct near real-time security monitoring in a 24x7 environment, utilizing proprietary SIEM and cybersecurity tools to identify Indicators of Compromise (IOCs).
• Monitor alert health in near real-time and escalate critical alerts according to service level agreements.
• Detects and analyzes security incidents, particularly complex or escalated events, to assess threats effectively.
• Address customer Requests For Information, leveraging soft and technical skills to query raw logs for IOCs, provide insights into SOC infrastructure, and offer guidance on SIEM features and best practices.
• Perform level 1 assessment of incoming alerts, prioritizing and correlating details to determine severity within the customer environment and coordinating with tier II/III for critical incidents as needed.
• Execute basic incident response activities using customer SIEM and cybersecurity toolkits.
• Contribute to the SOC Knowledge Base and provide input for revisions.
• Draft clear and concise escalation tickets.

--
Thanks,
Rajkumar,
Ph: x 105