SOC Administrator

Accent Consulting is a Managed Services Provider that specializes in Managed IT, Cyber Security, Cloud Services, Software Development, and Technology Consulting. We are a fast growing company that is committed to being the primary resource for technical consultation in our region and we're looking for a SOC Analyst to join our team!

What you can expect when you join the Accent Team.....

• High Standards - We set high standards for our employees and each one of us is held accountable for our work. We are a high energy team that focuses on doing things the right way while delivering the right solution for our customers.

• Meaningful Work - We work with successful growing companies who want to make a difference in the world. We take pride in our ability to provide excellent IT solutions that enable those businesses to be successful.

• An Inviting Company Culture - The atmosphere in our office is open and collaborative. We work very hard for our customers but also enjoy camaraderie with our office mates. We enjoy quarterly outings and office lunches to build relationships and have fun.

Why you'll love working at Accent Consulting.....

• Fast paced growing company

• Career advancement opportunities

• Competitive pay, benefits, and perks

• On-the-job training opportunities

• A culture of setting goals and winning

• Personal accountability

• Quarterly structured feedback

Responsibilities

• Initial triage of security events using established procedures, tools and monitoring platforms including, but not limited to:

• Firewalls and network devices

• Servers and workstations

• Web proxies

• Intrusion detection and prevention systems (IDS/IPS)

• Anti-malware systems

• Security Incident and Event Management systems (SIEM)

• Data Loss Prevention systems (DLP)

• Advanced Endpoint Detection and Response systems (EDR)

• External communications from outside entities, users, phone calls, emails.

• Assist senior members of the SOC with analyzing and responding to potential security incidents

• Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities, malware, and other threats that have the potential to impact our client organizations

• Document threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs)

• Manage the Security monitoring tools, set up dashboards and alerts

• Develop and maintain technical documentation and Standard Operating Procedures (SOP)

• Conduct security research and intelligence gathering on emerging threats and exploits

• Participate on shift-transition calls to ensure all open cases and tasks are properly managed and addressed

• Periodic reporting of metrics and corresponding analysis for client review and strategic information security program adjustments and planning

• 
  Competencies and Qualities

• Highly motivated to work in information security

• Customer oriented & professional

• Strong verbal and written communication skills, fluent in English

• Ability to understand and correlate data from multiple sources, not limited to user authentication events, windows security event logs, syslog, NetFlow/PCAP data, DHCP logs, DNS logs, intrusion detections alerts, proxy logs, packet captures, and firewall events

• Knowledge of various security methodologies and processes, and technical security solutions a plus

• Understanding of how both Windows, Linux and network platforms are compromised a plus

• Regular expression creation experience to support dynamic security event analysis

• Solid understanding of IP networking fundamentals, including IPv4, TCP/IP, LAN/WAN design theory, static and dynamic routing protocols, NAT, ACLs, etc.

• Solid Understanding of TCP/IP, the OSI Model, and underlying Protocols

• Expected to stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies

• Education, Experience, and Certifications

• CompTIA Security or GIAC Security Essentials required within 6 months of hire. CompTIA Cybersecurity Analyst or GIAC Continuous Monitoring Certification preferred

• Previous Security Operations Center (SOC) experience is a plus

• Experience with Security Information and Event Management (SIEM) tools a plus

• Scripting language skills in Python or PowerShell are a plus

• Understanding of cyber forensics concepts including malware, hunt, etc. a plus

• Understanding how to interpret vulnerability and penetration scan results a plus

• Configuration and knowledge of design and implementation concepts of firewall, VPN, IPS, vulnerability management platforms, and other security technologies is desirable

• Basic knowledge of Linux operating systems (command line and GUI) is a plus

Work Environment

In most cases, work will be performed in a climate-controlled office space. Work will require the use of standard office equipment, such as computers, phones, and multi-function printers. The position will be expected to make use of specialized tools and software for troubleshooting and system administration.

Travel

This position requires less than 25% travel with no overnight travel expected.

Physical Demands

Candidate should be able to lift 50 pounds or more. The position will require sitting for long periods of time and may occasionally require lifting, bending, and driving.

• 
  Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the team member for this job. Duties, responsibilities, and activities may change at any time with or without notice.