Security Operations Center Analyst

Location: Fully Remote

Openings: 1

Duration: 6 month C2H

Interview Process: 1st round with HM and current Jr. SOC, 2nd round with entire security team

Must-haves:

• 3+ years of experience in a MSSP (Managed Security Service Provider) role
• Experience working in a SOC environment
• Experience with Microsoft Defender EDR or XDR
• SIEM platform experience preferably SumoLogic
• Another ex. Splunk
• Incident Response experience – full understanding of the incident response life cycle
• Amazing personality and communication skills

Plusses:

• Experience creating detection logic
• Forensic knowledge
• Familiarity with Active Directory
• Scripting technologies (Powershell, Python)
• Familiarity with cloud technologies (Azure)
• Certificate in Networking or Security

Day-to-Day:

Our client is looking for a SOC Analyst to sit fully remote in the US. This analyst will be reporting to the Manager of the Security Operations Center and will be joining the larger Information Security team. 25% of their day will be responding, reviewing, and escalating Tier 1/Tier 2 tickets in Service Now. Another 25% of their day will be spent configuring security agents, troubleshooting, and reporting any and all activities related to security issues that occur during their shift. Examples of tools this role utilizes to troubleshoot include: SIEM, Endpoint Detection and Response Tools, Application Whitelisting, and Endpoint and Network Monitoring. An additional 25% of their day is completing ad hoc IT Security tasks like Web Content Filtering, escalations from 3rd party MSSP File Monitoring, and support to end users. The final 25% of their day will be spent communicating and coordinating with colleagues in Security and IT. This team is tight knit, and they are looking for someone that they can bond with and get to know.