What are the responsibilities and job description for the Security Operations Center Analyst position at Grant Thornton?
About GT Center of Excellence (CoE)
The CoE serves as a shared services center for GT US. Situated in Kansas City, the CoE is multi-functional in Risk Advisory Services. Empowered people, bold leadership and distinctive client service are embedded in the culture at the CoE. A transparent, competitive and excellence-driven firm, it offers an opportunity to be part of something significant. Driven professionals at the CoE serve communities through inspirational and generous services to give back to the communities they work in.
Location: Kansas City, Missouri
Position Summary:
Interested candidates should have analytical skills, be strong “thinkers”, with an affinity for learning and innovation. Interested candidates should be self-starters and should demonstrate strength in or a desire to build skills related to Grant Thornton’s core values of: Collaboration, Leadership, Excellence, Agility, Respect, and Responsibility.
Role Responsibilities:
- Able to work shifts on a rotating basis for 24/7 support of clients. This will include the ability to work nights, weekends, and varying hours.
- Provide daily summary reports of cybersecurity events and activity relevant to cyber defense practices, to internal and external stakeholders
- Receive and analyze cybersecurity alerts from various sources within the environment and determine possible causes of such alerts
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity
- Validate events/alerts received from all monitored security systems against network traffic using analysis tools
- Ensure compliance with engagement plans and internal quality & risk management procedures of the firm
- Anticipate and identify engagement related risks and escalate issues as appropriate on a timely basis
- Other duties as assigned
Skill Requirements:
- Basic understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.)
- Hands-on experience with various security tools, including SIEMs, Vulnerability Scanners, Threat Intel tools, EDR/AV preferred
- Experience with SIEM technologies and alert handling preferred.
- Strong technical aptitude and problem-solving skills
- Excellent thinking, analytical and interpersonal skills
- Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
- Ability to work efficiently and effectively in a team environment
Professional Experience / Qualifications
- 1 year of experience in a technology-centered role preferred.
- Associate's degree in IT, computer science, cybersecurity, or similar required.