Job Description

Phone/Skype Hire. Mostly remote.

The candidate needs to spend 1 week every 3 months at the client site.

Location: Columbia, SC / Remote

Duration: 12+ months

This specific Statement of Work is for a Cyber SOC Experienced Analyst to prevent, detect, investigate, and assist in directing remediation to cyber-attacks and threats against organization enterprise applications, networks, and services by investigating indicators of suspicious and malicious activity, and proactively discovering threats to organization. Individual must have at least 7 years' experience in Security with a MINIMUM of 5 years hands on working with a SIEM creating offenses, alerts and grooming logs. Preference is an individual who has experience leading a CSIRT, CERT, SOC or Investigations team. SIEM preference is QRadar or Azure Sentinel.

This position requires previous security operational center experience - monitoring, investigating, alerting, and reporting security threats. It also requires previous experience in developing SOPs and documentation.

Responsibilities :

Proactively search for active intrusions in the environment, recognizing potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information

• Work closely with escalation points to close out complex investigation
• Conducting holistic, investigative analysis and rating the risk associated with observed activity
• Review investigation escalations from SOC Analysts to ensure accurate analysis and provide advice/mentorship
• Refine and develop dashboards, queries and reports to continuously improve security situational awareness
• Maintain SOC documentation, procedures, processes and hardware and software inventory detail
• Demonstrate a sound understanding of security technologies and their function within a networked environment
• Adhere to corporate information security guidelines and promote information security among coworkers
• Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics.
• Performs other duties and special projects as assigned.

Skills Needed

• Currently employed as a SOC 2 or SOC 3 analyst
• Currently using SOAR and SIEM technology
• Risk and vulnerability assessments
• Incident management
• Security information event management (siem) tuning of offenses, alerts
• Excellent written and verbal communication skills
• Threat hunting
• Ability to use industry-leading security tools
• Demonstrate knowledge of information security principles and practices
• Knowledge of common risks and threats for networking, databases, systems, cloud and web operations
• IRS Safeguard Computer Security Evaluation Matrix (SCSEM)
• Forensics
• Experience in projects involving PCI/NIST security implementations and/or audits.
• Windows Security, including Cloud
• Wireshark
• SIEM tuning of log sources
• SIEM systems development/configuration
• Penetration Testing
• Tenable Security Center Administration
• OWASP Top 10 remediation techniques

Required Education/Certifications:

• Seven (7) years of experience in security information technology systems or related area, with a minimum of 5 years utilizing SIEM technology.
• Cloud Certifications
• Microsoft Certifications, Azure, Security related
• GCIH, GCTI, GCCC, GCWN, GSEC, CEH, GCIA, GCFA, GCFE, GREM, CCIM, CFCE, CCE, CIFI, CHFI, CCNA, CCNA Cyber Ops
• IBM Certified Associate Analyst - Security QRadar SIEM

Job Tags

Similar Jobs