Tier 1 SOC Analyst

As a Tier 1 SOC Analyst, your role is pivotal in safeguarding our clients' assets and information by promptly detecting, analyzing, and responding to security incidents within our Security Operations Center (SOC). You will be primarily focused on addressing security event incident response tickets, particularly those concerning lateral movements within networks or anomalous activities, such as logins from different geographic locations. The tickets you handle will predominantly fall within Priority Level 3 & 4, which are considered lower priority incidents.



**Responsibilities:**



- Utilize SIEM (Security Information and Event Management) tools to monitor security alerts and events.

- Conduct initial triage of security incidents to assess severity and potential impact.

- Perform basic investigation and analysis of security events to identify indicators of compromise (IOCs).

- Follow predefined procedures and protocols to respond to security incidents swiftly and effectively.

- Escalate incidents to higher-tier SOC analysts or management as required.

- Collaborate with cross-functional teams to ensure timely resolution of security issues.

- Accurately and thoroughly document all incidents, investigations, and response actions.

- Engage in continuous learning and training to remain abreast of emerging threats and security technologies.



Given the high volume of tickets received by our team, automation plays a significant role in streamlining processes. Each ticket contains comprehensive data, enabling efficient resolution, with some cases taking as little as 30 seconds to resolve. You'll have the opportunity to resolve issues across various industries, including aerospace, banking, healthcare, public education, and more.



Your dedication to maintaining a vigilant stance against cyber threats and your commitment to ongoing learning will be invaluable assets in fulfilling your responsibilities effectively. Join us in our mission to uphold the security and integrity of our clients' systems and data.

Must-Haves:

* Minimum 1 year of experience in a cyber security-related role

* Experience with Endpoint Detection and Response (EDR) tools, preferably SentinelOne

* Previous experience working in a Security Operations Center (SOC)

Familiarity with firewalls

Plusses:

* Experience utilizing SIEM (Security Information and Event Management) tools to monitor security alerts and events. - They leverage Rapid 7 Insight IDR and Stellar SIEM in their SOC

* Experience in Cyber Threat Hunting (CTH) and Cyber Threat Intelligence (CTI)

* Relevant certifications such as Security+, CISSP, or CEH

* Knowledge of Identity and Access Management (IAM)

Familiarity with Active Directory

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.