What are the responsibilities and job description for the SOC Analyst position at Robert Half?
Assists in the administration of industry-leading security tools. Performs system management and rules development.
May assist in conducting security vulnerability assessments including, but not limited to, vulnerability scanning, compliance auditing, impact analysis, and risk assessments.
Reviews security log flow from various security devices and appliances to the SIEM (Security Information and Event Management) system.
Monitors security events to analyze and mitigate incidents before they evolve.
May assist in engaging in the incident response lifecycle to mitigate, circumvent, and prevent attacker objectives. Includes validation and authorship of use cases and functions leveraging event data, SIEM log analysis, and network data analysis tools.
Checks and monitors alarms and audit logs to identify and remediate potential security threats. Escalates more complex issues to other team members.
Assists in the preparation of weekly & monthly reports for distribution, review and potential follow-up actions as assigned.
Analyzes and remediates associate-reported suspicious email. Escalates more complex issues to other team members.
Assists in testing new policies per company requirements.
Monitors Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records.
Learns and adapts to the latest network and security technologies, contributing to the continuous process improvement cycle, new efficiencies and automation improvements for the team.
May assist in content development for playbooks to assist in increasing incident response accuracy & efficiency.
Initiates, responds and resolves cybersecurity cases.
Suggests security alert notifications for distribution via Internal Communications.
Performs other related duties as assigned to meet the needs of the business.
Required Qualifications
Bachelor's degree in Information Technology, Computer Science, or a related field, or an equivalent combination of experience, education and certifications/licenses, required
One (1) to three (3) years of job-relevant work experience within the IT security industry required
Preferred Qualifications
Requirements
Security Information and Event Management (SIEM), Cisco Firewall, Firewall, Vulnerability Scanning, Compliance, Network Traffic Analysis, Virtual Machines
Professional level experience in one (1) or more of the following preferred:
Security Information and Event Management (SIEM)
Content filters, or email protection systems
Firewalls
Vulnerability and compliance scanners
Network traffic flow devices
Systems knowledge of Windows
Systems knowledge of virtual machine platforms
Knowledge, Skills, and Abilities
Knowledge of IT security management processes including one or more of the following: risk management, security planning, IT security control implementation, testing, and logical access controls
Knowledge in troubleshooting Microsoft Outlook issues, internet fundamentals, network routing, email delivery, and security
Knowledge of DNS fundamentals concerning Active Directory
Skill in managing tickets/issues, follow-up, and closure processes (including escalating complex issues to other IT team members and/or collaborating with system administrators)
Skill in analysis and investigation of issues based on tracking information
Skill in analyzing email headers for investigation and in checking email attachments for prohibited file types
Skill and ability to clearly and concisely communicate verbally and in writing with team members and customers
Skill in applying critical thinking, analysis and problem-solving methods
Skill in managing projects, organizing, prioritizing, and meeting deadlines
Skill in working under a general level of supervision or oversight
Salary: $80,000 - $100,000