REMOTE Incident Response Analyst

Post Date

Mar 03, 2023

Location

Atlanta,
Georgia

ZIP/Postal Code

30339
US
Oct 01, 2025 Insight Global

Job Type

Contract-to-perm

Category

Security Engineering

Req #

ATL-607438

Pay Rate

$49 - $74 (hourly estimate)

Job Description

An Insight Global client is looking for an experienced, hands-on SOC Analyst / Engineer to join their team who is comfortable working in a fast-paced environment with minimal supervision.

The ideal SOC Analyst should be familiar with the principles of network and endpoint security, current threats, vulnerabilities, and attack trends.

Additionally, analysts should have a working knowledge of security principles and frameworks. SOC Analysts must be able to work at a high technical level and be capable of identifying threats and attack vectors.

This SOC Analyst will actively monitor and investigate security alerts, working independently with minimal supervision. They will be expected to follow documented procedures to triage and respond to identified malicious activity, including escalation or remediation actions.

They will communicate and collaborate with adjacent teams daily to remediate new security issues.

This client is seeking someone to contribute to general security operations and projects across every sector of their network. On a daily basis, the candidate can expect to spend about 75% of their time on security incident response and 25% on engineering.

In addition, this candidate will participate in internal meetings, maintain a proper record of tasks for project planning purposes, and complete regular training to stay current on the latest technologies, methodologies, etc. Ideally this candidate will be a team player and interface regularly with shift mates and colleagues.

Required Skills & Experience

· Proven hands-on experience troubleshooting and triaging security-related incidents at an escalated level (Tier 2 / Tier 3)

o Candidate must be willing to remain hands-on, spending 75% or more of the day triaging and handling incidents, etc.

· Proven experience conducting root cause analysis for incident remediation.

· Proven experience collaborating across a cybersecurity organization on root cause analysis, e.g., convening war-room scenarios and knowing when to pull in peer teams to rule out causes or solutions.

· Excellent customer service presence and written/verbal communication skills.

o Candidate must display the ability to work with technical and non-technical end users for support.

· Experience with EDR systems, email security tools, and network security tools, and the ability to make logical connections when triaging and remediating a security incident. Preferred technology experience:

o CrowdStrike

o Palo Alto

o Cribl

o XSOAR

o Proofpoint TAP/TRAP

· Working knowledge of security principles and frameworks.

· Experience with Security Information Event Management (SIEM) platforms. Splunk preferred.

o Ability to write Splunk queries or tune the SIEM as necessary.

o Experience with comparable technologies is acceptable.

· Experience with network communication, TCP/IP fundamentals, various firewalls, etc.

Nice to Have Skills & Experience

· Security certifications such as CompTIA Security+, Network+, CySA+

· Engineering experience, personal or professional, setting up servers, sensors, etc.

· Experience with various SOAR tools

· Experience working in an enterprise retail environment

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.