L1 Sumo Logic SOC Analyst
Fulltime
Shift: Sun-Wed, 9pm-7am CST
Dallas, Texas, Hybrid (Remote option)
IMMEDIATE new job opening for an L1 SOC Analyst to join our client's Dallas-based team in a hybrid setting. This role works 4 days on, essentially a 9pm-7am shift. The position is responsible for heavy log analysis and for monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond to cyber threats (e.g. vulnerability exploitation, malware, cyber-attacks); serving as a technical escalation resource and mentor for Tier 1 and Tier 2 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel, including other SOC analysts and subject matter experts within the larger distributed Cyber defense team (cyber threat hunters, threat intelligence analysts and forensic investigators); taking an active role in red-team/blue-team simulated attacks and tabletop exercises; and partnering with Security Design and Architecture Engineers to implement and improve technology and process that enhance SOC monitoring, investigation, and response capabilities.
Responsibilities
- Monitor multiple feeds in a 24/7 environment to detect and respond to cyber threats.
- Collaborate with multiple teams and personnel within the Cyber defense team.
- Participate in red-team/blue-team simulated attacks and tabletop exercises.
- Partner with Security Design and Architecture Engineers to enhance SOC capabilities.
Requirements
- **Bachelor's Degree and 2 years' work experience in a relevant role, or 4 years of related work experience.**
- **Sumo Logic experience required, at least 1 year.**
- **Recent experience working for an MSSP required, at least 1 year.**
- Experience building queries and extracting data from logs.
- Log analytics experience.
- Certified Blue Team Level 2, or SANS certification.
- Experience with event analysis leveraging SIEM tools (e.g. Splunk, Azure Sentinel, CrowdStrike, Stellar Cyber, ArcSight).
- Log parsing and analysis skills with experience developing correlation rules.
- Experience with NIDS/HIPS/EDR infrastructure & tools.
- Experience with signature development/management (e.g. Snort rules, Yara rules).
- Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness).
- Experience mentoring and training junior analysts.
- Working knowledge of current cyber threat landscape.
- Working knowledge of Windows and Unix/Linux.
- Working knowledge of Firewall and Proxy technology.
- Knowledge of malware operation and indicators.
- Knowledge of Data Loss Prevention monitoring.
- Knowledge of forensic techniques.
- Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP).
- Knowledge of penetration techniques.
- Bachelor's Degree in Computer Science or Information Systems plus
- Experience in an enterprise environment with tools like ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop.
- Experience in System or Network Administration, Penetration Testing, or Application Development.
- Security Certifications Preferred (e.g. CSX Practitioner, GCIH, GIAC, OSCP, CEPT, CISSP, CCNA, Microsoft, Linux, Solaris certifications).
To view all of our open positions, please visit the Alleare Consulting website.