Description

The Security Operation Center (SOC) Analyst position is Hybrid, so some on site work is required. Work hours are Monday - Friday, with on call duties every few weeks.

The Security Operation Center (SOC) Analystis responsible for:

* Monitor security events and alerts from various sources including SIEM (Security Information and Event Management) tools, intrusion detection/prevention systems, antivirus systems, and other security tools.

* Analyze security alerts to identify potential cybersecurity incidents and assess their severity.

* Conduct in-depth investigations into security incidents, including determining the root cause, impact, and extent of the compromise.

* Utilize threat intelligence sources to enhance the detection and analysis of security threats.

* Respond promptly to security incidents, following established procedures and protocols.

* Coordinate with internal teams and external stakeholders to contain and mitigate security incidents.

* Document all incident response activities, including actions taken, findings, and remediation steps.

* Assist in identifying and assessing vulnerabilities within the organization's systems and networks.

* Coordinate with system administrators and other stakeholders to prioritize and remediate vulnerabilities in a timely manner.

* Track and report on the status of vulnerability remediation efforts.

* Proactively search for signs of malicious activity within the organization's environment.

* Develop and execute threat hunting methodologies and techniques to identify advanced threats that may evade traditional security measures.

* Manage and maintain security tools and technologies, ensuring they are properly configured and updated.

* Collaborate with the IT team to deploy, configure, and tune security solutions for maximum effectiveness.

* Generate regular reports on security incidents, trends, and metrics for management review.

* Maintain detailed documentation of security incidents, investigations, and remediation efforts.

* Provide guidance and training to other members of the IT team on security best practices, incident response procedures, and emerging threats.

* Participate in security awareness programs to educate employees about cybersecurity risks and mitigation strategies.

* Stay current with the latest cybersecurity trends, threats, and technologies.

* Recommend and implement enhancements to security monitoring and detection capabilities.

Required skills and experience:

* Strong understanding of cybersecurity principles, protocols, and best practices.

* Experience with SIEM tools, intrusion detection/prevention systems, and other security technologies.

* Knowledge of networking concepts and protocols.

* Excellent analytical and problem-solving skills.

* Strong communication and interpersonal skills.

* Ability to work effectively both independently and as part of a team.

Requirements

Required skills and experience:

* Strong understanding of cybersecurity principles, protocols, and best practices.

* Experience with SIEM tools, intrusion detection/prevention systems, and other security technologies.

* Knowledge of networking concepts and protocols.

* Excellent analytical and problem-solving skills.

* Strong communication and interpersonal skills.

* Ability to work effectively both independently and as part of a team.

Other skills/experience would be helpful:

* A strong working knowledge of NIST SP 800-53, NIST SP 800-171, FISCAM, OMB-A123, PCI, SSAE-16 controls (SOC 1) is a plus.

* Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

* 2+ years of experience in a security operations role, preferably in a SOC environment.

* Proficiency in incident response methodologies and tools.

* Relevant certifications such as Security+, GIAC, CISSP, or equivalent are a plus.