What are the responsibilities and job description for the SOC Engineer position at Judge Group, Inc.?
Job Description
Location: Brooklyn, NY
Salary: $48.00 USD Hourly - $52.00 USD Hourly
Description: Our client is currently seeking a SOC Engineer
Duties:
- Lead Incident Management activities to monitor and resolve incidents
- Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
- Conduct threat analysis and assessments on network/systems. Monitor, maintain, update, and secure infrastructure.
- Establish, maintain, and execute all components of an incident response plan, including run books, from incident intake through root cause analysis, technical remediation analysis, and reporting
- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security.
- Execute cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
- Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
- Accurately document an incident from beginning to end, including evidence handling
- Write, test, and implement IOCs and IR alerts within the cybersecurity tools
- Collaborate with IT and Cybersecurity team members to onboard system and applications logs in the central logging system
- Utilize endpoint security tools like CrowdStrike, McAfee, RSA NetWitness, NetBrain for threat hunting
- Strong knowledge of Proxy Web Gateway
- Utilize monitoring tools like Armis, Extrahop, Splunk, Secureworks and McAfee IDS/IPS, McAfee Proxy Gateway, Secureworks Taegis Platform, Netwrix, and firewalls (Palo Alto, Fortinet), etc.
- Use vulnerability management tools like Nessus and Rapid7, and penetration testing tools like Core Insight, Nmap, Netcat, and Metasploit
- Be a power user of Splunk SIEM
- Perform root cause analysis
Minimum requirements:
- 5 years of work experience in SOC as a Threat Intelligence or Incident Response Analyst
- Previous experience performing threat hunting and incident response using SIEM tools, cybersecurity management tools
- Deep understanding of computer intrusion activities, incident response techniques, tools, and procedures
- Knowledge of digital forensics methodology as well as security architecture, system administration and networking (including TCP/IP, DNS, HTTP, SMTP)
- Strong understanding of vulnerability and exploitation concepts
- Scripting and automation experience in Python, Bash, PowerShell, or JavaScript
- Strong knowledge of adversary cyber threat actors, including Advanced Persistent Threat (APT) actors, cybercriminal groups, hacktivists, and insider threats
- Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
- Strong knowledge of cloud and application security
- Working knowledge of the Cyber Threat Kill Chain
- Ability to map use cases and the resulting rules and policies to the MITRE ATT&CK framework
- Strong knowledge of network security principles, host-based security principles, network and system administration, forensic analysis principles, cyber threat intelligence principles, PKI, and/or counterintelligence operations
- Knowledge of and experience with cloud, web proxy, firewalls, IPS, IDS, mail content scanning appliances, enterprise Antivirus solutions, Network Analyzers, and domain name servers desired
Preferred requirements:
- Bachelor's degree in Computer Science or Engineering
- Knowledge of Malware Analysis, Reverse Engineering, and Memory Forensics tools and techniques
- Experience building policies and rules on email and network platforms
- CEH, GIAC, or other security certifications preferred
- Splunk Power User certification a plus
- Knowledge of SOAR tools
Contact:
This job and many more are available through The Judge Group. Find us on the web at