Level 3 SOC Analyst

We are seeking Level 3 SOC Analysts that will be responsible for the identification and tracking of potential security incidents across our clients enterprise.

• The SOC Senior Analyst is essential, as you are part of the first line of defense for the Information Security Team.
• The SOC Senior Analyst position is responsible for training new SOC analysts, assisting in intricate cyber security investigations as part of Threat Response activities, facilitating escalation of cyber security Incidents according to a well-documented Incident Response plan, creating, maintaining & updating SOP documentation for SOC Threat Response playbooks, metrics reporting, and ensuring correct analysis for the cyber

Day to Day:

• Perform thorough investigative analysis of potential cyber security threats based on log review and correlating events which requires the documenting of results that create a timeline that can be read and understood by both technical and non-technical personnel.
• Review ongoing or completed investigations performed by Level 1/L2 SOC Analysts for potential escalation and / or provide analysis feedback to Analyst and SOC Manager.
• Work alongside senior security engineers and architects to deliver superior security services 
• Develop, enhance, and operationalize processes to ensure quality of triage.
• Assist with the development, measurement, analysis, and maintenance of internal and external service metrics for Security Operations, providing timely reports to leadership teams.
• Leverage the metrics to make better informed decisions on improving the organization's capability and functionality.
• Lead, coordinate, and train others on effective analysis of security alerts.
• Work with Alert & Detection engineers (OCE) on the new alert creation, validation and tuning.
• Collaborate across various business units to deliver the most comprehensive security response to internal customers.

Must Haves:

• 5+ years' experience working as a Level 3 SOC Analyst
• Practical experience in the Triage function within a Security Operations Center, preferably in an MDR/MSSP, or complex environment
• Continually learning new attack vectors, new threats, and security framework expertise
• Strong and demonstrated ability to define effective security processes.
• Ability to identify current opportunities in current processes and roll out necessary changes.
• Strong and practical knowledge of industry adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, PCI-DSS, etc.).

Experience with the following information security technologies and principles:
• SOAR
• SIEM
• EDR
• Email Filtering
• Log Analysis
• Proxies
• Malware sandboxing
• AV Solutions
• DLP
• EuBA
• Mitre Att@ck / Kill Chain Analysis
• Authentication • Cloud Technologies
• Scripting or Programing Languages
• Familiarity with OS Processes o Windows, Linux, MAC Education
• Undergraduate degree in information systems or computer science (Required)
• Advanced degree in engineering, Cybersecurity, information assurance, information security, information systems or computer science (Preferred)

Certifications: There are no certification requirements, but strong consideration will be given to those with the following or similar:
• SANs/ GIAC
• CompTIA
• ISC2
• ISACA