SOC Analyst - Level 2 & 3

Company: CiraInfoTech
Location: Alpharetta
Posted on: March 27, 2020

Job Description:

LOCAL CANDIDATES TO ATLANTA GEORGIA PREFFERED ROLES. SOC Analyst Level 2 3 Job Description Those authorized to work in the United States without sponsorship are encouraged to apply. Candidate must be able to obtain government security clearance Position SOC Analyst - Level 1, Level 2, Level3 Location Alpharetta, GA Position Type Direct Hire Full Time Work Schedule 24X7 (In the office during business hours and flexibility for remote after hours) Education Licenses High School Diploma or equivalent required Available Openings 3 Travel Very limited or No travel Position Availability Immediate . This individual needs to have SOC experience and using Firewall, IDSIPS and SIEM technologies for investigation as well as knowledge on networking technologies including Routers and Switches. They need to have extensive knowledge and experience with incident response, incident handling and security operations. For this role, you need to have basic understanding of incident handlingincident response techniques within on-prem andor cloud based environment like Azure or AWS. For this role you also need to have advanced knowledge of IDSIPS systems. Key Responsibilities Respond to Cyber Incidents 60 Initiate immediate actions to contain identified cyber security issues detected from a variety of platforms and operating systems. Perform forensic collections, intrusion correlationtracking, threat analysis, and direct system remediation to contain threat. With a sense of urgency, work with IT colleagues on containment and a plan to eradicate vulnerability. Write technical reports on incident findings Monitors a variety of platforms 24x7 covering operating systems and security technology software for security alerts. Logs, document, review, and assess alerts. Identify intrusion artifacts at the host and network level. IT Security technology software may include Email SPAM filtering solutions, vulnerability scanning solutions, Intrusion Detection Systems, anti-virus software, Internet web filtering solutions. Respond to Cyber Security calls when on rotational 24x7 support, taking appropriate urgent action Vulnerability Management 20 Correlate multiple data sources to identify vulnerabilities, make recommendations and work with system owners to expedite remediation Manage and enhance vulnerability scanning tools and capabilities Manage and influence system owners to adopt enhancements or remediation Optimization 20 Investigates false positives and assesses possible enhancements to eliminate Enhance cyber vulnerability tools, software platforms, processes, and procedures to continually optimize cyber security programs Additional responsibilities as assigned or requested Provide recommendations for improvements to Company s Security Policy, Procedures, and Architecture based on operational insights Define and assist in creation of operational and executive reports Define tool requirements to improve SOC capabilities Experience Knowledge technical experience in Information Security, System Administration, or Network Engineering with at least 2 - 4 years of experience in Information Security Extensive experience in Incident Response, Incident Handling and Security Operations Advanced knowledge and expertise of using SIEM technologies for event investigation Basic understanding of incident handlingincident response techniques within a cloud-based environment such as Azure or AWS Security Certifications Preferred Certified Incident Handler (GCIH) Certified Intrusion Analyst (GCIA) Certified Penetration Tester (GPEN) Certified Ethical Hacker (CEH) Certified Expert Penetration Tester (CEPT) Certified Information Systems Security Professional (CISSP) Networking Certifications (CCNA, etc.) Platform Certifications (Microsoft, Linux, Solaris, etc.) Preferred Competencies Event analysis leveraging SIEM tools Incident investigation and response skill set Log parsing and analysis skill set Knowledge of networking fundamentals (TCPIP, network layers, Ethernet, ARP, etc.) Knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.) Knowledge of malware operation and indicators Knowledge of penetration techniques Moderate knowledge of DDoS mitigation techniques Moderate knowledge or IDSIPS systems Moderate knowledge of Windows and Unix or Linux Moderate knowledge of Firewall and Proxy technology Moderate knowledge of Data Loss Prevention monitoring Moderate knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud) Moderate experience with scripting Moderate knowledge of forensic techniques Moderate protocol analysis experience (Wireshark etc.) Basic Knowledge of audit requirements (PCI, HIPPA, ISO 27001, etc.) Knowledge of the following concepts and tools network security concepts modern threat actors, malware, and TTPs Scripting abilities (PowerShell, Python, etc.) Vulnerability Management Platforms (Qualys, Tenable, Nexpose, etc.) Work conditions When considering the work environment associated with this job, the following factors may apply Environment - Work is primarily indoors professional attire required Postures Frequent continuous period of time sitting during work hours Hours May work beyond standard hours or schedule as business needs arise limited amount of local andor multiple location travel required Rotational on-call responsibilities

Keywords: CiraInfoTech, Alpharetta , SOC Analyst - Level 2 & 3, Professions , Alpharetta, Georgia