Tier III SOC Analyst - Threat Hunting & IR

Post Date

Feb 02, 2023

Location

Houston, Texas

ZIP/Postal Code

77077
US
Jun 19, 2024 Insight Global

Job Type

Perm

Category

Security Engineering

Req #

HOU-600564

Pay Rate

$120k - $135k (estimate)

Job Description

One of the largest food distribution companies in the world is looking for a REMOTE Tier III SOC Analyst to join their Vulnerability and Threat Management team. This person will use defensive measures and information collected from a variety of sources to identify, analyze, and report cybersecurity events that occur or might occur within the company's network to protect information, resources, and networks from threats.

- Receive, characterize, and analyze endpoint and network alerts from various sources within the enterprise and determine possible causes of such alerts to identify anomalous activity and potential threats to network resources and users

- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities

- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack

- Serve as an escalation point for SOC Analysts, providing support and guidance, and work and track security incidents through final resolution

- Create and maintain incident response processes, procedures and blueprints. Document and maintain a knowledge base of incident methodologies and plans

Required Skills & Experience

5-7 years of experience in Incident Response (with Threat Hunting experience)

Background in networking and security including intrusion detection/prevention

Excellent knowledge of security applications such as IDS, IPS, EDR, SIEM, next-gen AV and anomaly detection tools

Knowledge of cyber attack stages

Excellent knowledge of the 6 phases of a cyber incident response plan

Ability to configure and conduct vulnerability scans using VM tools such as Tenable.io and Tanium

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.