SOC Analyst Il

SOC Analyst ll

The Opportunity 

The Information Technology (IT) group enables and empowers employees to perform the various business activities on an ongoing basis. Geographically spread across multiple offices, the Information Technology group works seamlessly as a single unit to deliver services to the business on a 24X7 basis. The Information Security Team is looking at hiring an SOC Analyst to manage IT security operations for our global network. This is a key role responsible for supporting company’s global security infrastructure working in close coordination with the US onsite team.

• Perform monitoring and data correlation to events of interest using multiple tools such as system event logs, SIEM, IPS/IDS logs, network traffic, anti-virus console and client end-point software to determine if there is an incident.
• Respond to security incident and investigation requests in line with established processes and procedures within defined service level targets.
• Must have extensive experience in multiple security areas such as SIEM, IDS and APT.
• Drive containment strategy during data loss or breach events.
• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).
• Perform basic forensic activities e.g., conducting examinations of computers, system logs, applications, and networks to locate evidence.
• Implement or perform threat hunting.
• Perform Root cause analysis (RCA) for the incidents and update the knowledge management.
• Tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems.
• Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.
• Research and stay up to date on current security threats and vulnerabilities to relevant information systems
• Other duties as assigned.

What someone will need to be successful in this role 

• Bachelor’s degree or equivalent in Computer Science or related field.
• Should have 2-4 years of experience supporting complex global environment.
• Accredited Certification on Incident Handling (CEH, GCIH, ECIH).
• Hands-on investigation and log analysis exposure.
• Experience in IT security and defensive technologies (Antivirus, Firewalls, Event Monitoring, Network and Perimeter devices, Data Loss Prevention, IDS, Web content filtering).
• Should be familiar with handling and mitigating attacks related to viruses, spoofing, hoaxes, malware
• Should be familiar with emerging security threats and their attack vectors especially web application attacks
• Sound knowledge on threat hunting.
• Knowledge of SSL/TLS, certificates, and encryption methods
• Exposure to security tools (Web application security scanning with Netsparker, Nessus and Tenable Security Center, Snort IDS, Wireshark, Data Loss Prevention software)
• Sound understanding of OS (Unix/Linux, Windows), IPS/IDS, VPN, Firewalls, Application Security.

Employee Benefits

• 18 PTO days + 2 floating holidays & 10 paid holidays per year
• Generous tuition reimbursement towards a Masters or Bachelors degree
• 401K match up to 6%
• 12 weeks of 100% paid paternity/maternity leave
• Mentorship with industry professionals
• Medical Dental and Vision Health Coverage

#LI-VB1

#LI-Remote