What are the responsibilities and job description for the SOC Lead position at iconectiv, LLC.?
Location: Bridgewater, NJ or US Remote in EST/CST location
About iconectiv
Your business and your customers need to access and exchange information simply, seamlessly and securely. iconectiv’s extensive experience in information services and its unmatched numbering intelligence helps you do just that. In fact, more than 2B people count on our platforms each day to keep their networks, devices and applications connected. Our cloud-based Software as a Service (SaaS) solutions span network and operations management, numbering, trusted communications and fraud prevention. For more information, visit www.iconectiv.com. Follow us on Twitter and LinkedIn.
Responsibilities:
The Security Operations lead will be part of the Security Operations Center team. Primary emphasis will be placed on daily monitoring and review of network, system, and application events to identify potential security incidents.
The Security Lead may be required to:
- Monitor & analyze potential infrastructure security incidents both On-Prem and Cloud to determine if events qualify as a legitimate security breach
- Responsible for the execution of the Incident Response plans and documenting them appropriately
- Perform preliminary log collection and incident response/investigations, cyber forensics, determining the root cause of the security incidents and preserving evidence for potential legal action
- Interface with technical personnel, 3rd party MXDR vendors and other non-technical teams as required for various projects
- Initiate escalation procedure to counteract potential threats/vulnerabilities
- Appropriately inform and advise team leads and managers on incidents and incident prevention
- Document and conform to processes related to security monitoring
- Participate in knowledge sharing with other analysts and develop solutions efficiently
- Lead efforts for cyber readiness, cyber war games, and breach and attack simulations
- Responsible for managing and maintaining the integrity of the SIEM platform(s)
- Provide support as part of an on-call rotation in the Security Operations Center
Required Qualifications:
- 7 years’ experience working in Security Incident Response.
- Experience with and knowledge of TCP/IP, Web, Linux, Windows and related technologies.
- Experience with implementing Security Information and Event Management (SIEM) solutions (LogRhythm, Devo, ElasticSearch, Splunk)
- Experience reviewing and correlating raw log files in a security capacity (SIEM, AV, IDS, Firewall, Servers, Database, etc.).
- Strong understanding of regular expressions and pattern matching
- Strong understanding of monitoring of Azure & AWS environments
- Experience with command line and network tools (ping, traceroute, etc.)
- Ability to conduct packet analysis using common tools (tcpdump, Wireshark, etc.)
- Working knowledge of intrusion tools and techniques and detection methods at both the network and host level.
- Knowledge of common detection and prevention technologies such as AV, IDS/IPS, DLP, Proxy, Firewalls, etc.
- US Citizenship required
Relocation Benefits: This position is not eligible for relocation assistance.
Full Time Employee benefits:
- Health care benefits
- 401(k) with company match
- Holiday pay
- Paid time off (inclusive of a volunteer day)
- Tuition Reimbursement upon approval
DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Therefore, employees assigned may be required to perform additional job tasks required by the manager.
We are proud to be an EOE Minorities/Females/Protected Veterans/Disabled employer. The Company’s status is a VEVRAA Federal Contractor. Request Priority Protected Veteran Referrals. We maintain a drug-free workplace and perform pre-employment substance abuse testing.