The Security Operations Center (SOC) Analyst III role supports a hybrid SOC with 24x7x365 coverage, responding to alerts, notifications, and communications and carrying out incident response activities. The analyst will support daily SOC operations, including but not limited to: alert analysis/triage/response, review and action on Threat Intel for IOCs and other operationally impactful information, and understanding of SOC operations requirements and policies. SOC analysis tasks are end-to-end, covering the network, the underlying servers and infrastructure (physical and virtual), and the application. Candidates will be required to perform SOC triage and response analysis, uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods.
This person will be a self-directing, organized, and effective communicator (verbal and written) who can transfer industry, business, and stakeholder requirements into scalable, cost efficient, and performance driven solutions.
What you’ll be doing
- Monitor Security Alerts: Continuously monitor security alerts from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection tools.
- Incident Response: Perform escalated triage of security incidents, determine their severity, and escalate as necessary.
- Threat Analysis: Analyze and investigate potential security threats and vulnerabilities.
- Documentation: Document incidents, actions taken, and outcomes in a clear and concise manner.
- Collaboration: Work closely with other SOC team members and departments to ensure comprehensive security coverage.
- Tool Management: Configure and manage security monitoring tools to ensure optimal performance.
- Reporting: Prepare regular reports on security incidents and trends for management review.
- Independence and ownership in supporting the EMEA region during US off-hours.
What you bring
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent years of experience in the role
- 7+ years of progressive, broad-based Information Security (IS) experience participating in projects and playing a key role in successful security operations
- Strong understanding of cyber threat TTPs, threat hunting, and the application of the MITRE ATT&CK framework
- Strong experience supporting 24x7x365 SOC operations, including alert and notification activities: analysis/triage/response, review and action on Threat Intel for IOCs and other operationally impactful information, and initial review and triage of reported alerts and incidents
- Strong experience and understanding of event timeline analysis and correlation of events between log sources
- Strong experience with an enterprise SIEM (e.g. Splunk, Exabeam, Chronicle) or security analytics solution and understanding of security incident response processes
- Strong ability to use, contribute to, develop, and follow Standard Operating Procedures (SOPs)
- Extensive experience with triage and resolution of SOC tasks, including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/security tool alert analysis
- Knowledge and experience in security and regulatory frameworks including ISO 27001, SOX, NIST, etc.
Added bonus if you have
- Relevant certifications such as GSEC, OSCP, GCIH, etc.
- Experience with global security operations and response
- Exposure to AI tools to build SOC alert automation
Job Type: Contract