What are the responsibilities and job description for the SOC Analyst II position at Pratum, Inc.?
A SOC Analyst II at Pratum provides real-time security monitoring and threat hunting in our Security Operations Center (SOC). You will have the opportunity to work with customers across many industries by providing managed security services such as SIEM monitoring, vulnerability scanning, and firewall and endpoint management. In this position, you will provide exceptional customer service by assisting customers in identifying potential security incidents, attack sources, root causes and/or threat actors.
This position will configure and maintain security hardware and software in accordance with organizational standards. As a senior member of the SOC team, you may also be responsible for helping manage the backend infrastructure for the SOC environment.
Tasks:
- Provide security event monitoring and analysis to identify critical security events at client sites.
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
- Coordinate with customer staff to validate security alerts.
- Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Perform event correlation using information gathered from a variety of sources to gain situational awareness and determine the effectiveness of an observed attack.
- Receive and analyze network alerts from various sources and determine possible causes of such alerts.
- Provide recommendations for system tuning and enhancements.
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Notify customer of suspected cyber incidents and articulate the event's history, status, and potential impact for further action.
- Work with customers to resolve computer security incidents and bring identified vulnerabilities into compliance.
- Provide guidance and expertise to other Pratum team members.
Skills/Qualifications:
- Ability to identify and evaluate risk to IT systems, communicate risk to management
- Select and recommend appropriate risk mitigation strategies to ensure IT systems remain within established risk tolerance levels.
- Experience in System Administration including Microsoft desktop, server OS and server applications, Linux/Unix.
- Experience with system reporting, scripting and/or programming.
- Ability to clearly communicate with co-workers, management, clients and vendors.
- Maintain a professional appearance and vocabulary, in both spoken and written form.
- Ability to quickly understand and synthesize security issues, resolve conflicts and deliver appropriate
Travel:
- Less than 10% travel expected.
Experience/Education Preferences:
- AAS or bachelor’s degree or equivalent work experience
- Professional certifications (e.g. GMON, CISSP, CCNA, MCSE) required.
- Experience with a SIEM, firewalls and similar security technologies is required.