Security Operations Center (SOC) Analyst II

A Security Operations Center (SOC) Analyst II provides real-time security monitoring and threat hunting in our Security Operations Center. This individual will have the opportunity to work with customers across many industries by providing managed security services.

Requirements

• Provides security event monitoring and analysis to identify critical security events at client sites.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Coordinate with customer staff to validate security alerts.
• Document and escalate incidents that may cause ongoing and immediate impact to the environment.
• Perform event correlation using information gathered from a variety of sources to gain situational awareness and determine the effectiveness of an observed attack.
• Receive and analyze network alerts from various sources and determine possible causes of such alerts.
• Provides recommendations for system tuning and enhancements.
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
• Conduct research, analysis, and correlation across a wide variety of all source data sets.
• Notify customer of suspected cyber incidents and articulate the event’s history, status, and potential impact of further action.
• Work with customers to resolve computer security incidents and vulnerability compliance.
• Provide guidance and expertise to SOC Analyst I’s and other team members.
• Participate in an on-call rotation.
• Commits changes to DevOps repositories and syncs global changes to client environments.
• Serve as the primary person for onboarding new clients into the various services.
• Writes new analytics rules, log parsers, and workbooks.
• Performs proactive threat hunting.
• Serves as a technical resource for the Sales team during the sales process by answering questions and/or performing demos of SOC services.