Senior SOC Analyst

Description :Role Responsibilities: (What they will be doing)Duties include:The Cyber Threat Analyst, or SOC Analyst, is a triage specialist within the Security Operations Center within the larger Cyber Fusion Center (CFC) org. These analysts are responsible for working alerts in a diligent manner to assess them for signs of malicious or highly anomalous behavior. Aided by automation, alerts will need to be escalated as appropriately to more advanced analysts, leads, responders, and cyber managers.This role with have an emphasis on cloud, particularly AWS and Azure. The Senior SOC Analyst is an mid-level SOC role within the 24/7 Cyber Fusion Center (CFC) organization. The role is responsible for monitoring, triaging, and escalating security events properly in any technology environment. This role will specifically support standard checks every 30 minutes to 1 hour looking for anomalies across various tools, including applications, network traffic, data sources, etc.This role will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS alerts, firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within their environments for the purposes of mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis.Characterize and analyze alerts to understand potential threats.Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.Document and escalate incidents that may cause ongoing and immediate impact to the environment.Provide daily summary reports of events and activity relevant to cyber operations.Perform cyber Operations trend analysis and reporting.Perform thorough and high-quality triage and analysis for all alerts.Demonstrate strong communication skills both written and verbal.Actively engage in team chats, calls, and face to face settings.Constantly contribute to SOC runbooks.Recommend improvements to automations, alert fidelity, and security controls. .Bachelor Degree: (Required, Preferred or Not Required)Not Required.Must Have Skills/Prior Experiences: (Vendor should not submit any candidate that does not have these skills/prior experience.)The Cyber Threat Analyst, or SOC Analyst, must have skills in email, log, and network analysis.Knowledge of common IT and security concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important.Experience conducting analysis in AWS and Azure environments.Plus/Nice to Have Skills/Prior Experiences: (Hiring Manager DOES NOT require these skills/ prior experience. However candidates with any of these will be looked at first.)Certifications like the: Security+, Network+, CySA+, any cloud certifications, etc.Ability to solve problems by applying best practices. Demonstrated proficiency utilizing security platforms related to logging, event correlation, incident management, and vulnerability management.Demonstrated teamwork and collaboration skills.Strong time management skills and ability to manage competing priorities effectively.Highly effective verbal and written communication skills for the purpose of providing extensive information about event timelines, technical designs, system concepts and business impact to audiences at all levels within the organization.Highly effective verbal and written communication skills for the purpose of providing extensive information about event timelines, technical designs, system concepts and business impact to audiences at all levels within the organization.Support a variety of tasks in support of the larger Cybersecurity Mission.Demonstrate the ability to work as a self-starter and acquire new skills quickly.Exemplify the characteristics of a great team player and overall positive mindset.Ability to support an on-call and regular shift within a 24/7 operations environment.Ability to obtain requisite technical certification(s) within six months of hire.Knowledge of cloud fundamentals.Knowledge of general information technology (IT) and cybersecurity.Knowledge of computer networking concepts and protocols, and network security methodologies.Knowledge of network traffic analysis and packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).Knowledge of operating systems, including Windows/Unix ports and services.Knowledge of basic identity and access management conceptKnowledge of phishing tactics and techniquesKnowledge of cyber threats and vulnerabilities.Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).Knowledge of incident response and handling methodologies.Knowledge of countermeasures to address a variety of threatKnowledge of basic automation, Client, and/or AI possibilities.EEO:"Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans."Original job Senior SOC Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.