We are seeking a highly motivated and detail-oriented SOC Analyst to join our Security Operations Center team. The SOC Analyst will be responsible for monitoring, analyzing, and responding to cybersecurity incidents and threats. The ideal candidate will have experience with security monitoring tools, threat analysis, and incident response.
Key Responsibilities:
* Monitor and analyze security events and alerts from various sources (SIEM, IDS/IPS, firewall, antivirus, etc.).
* Perform initial triage and classification of incidents based on defined procedures.
* Investigate and escalate potential security incidents as needed.
* Maintain accurate documentation of incidents, investigations, and findings.
* Collaborate with IT and security teams to coordinate response and resolution.
* Conduct threat hunting to proactively detect malicious activity.
* Maintain and improve SOC procedures and playbooks.
* Stay current on cybersecurity trends, threats, and vulnerabilities.
* Participate in regular security audits and assessments.
* Assist in developing and maintaining security monitoring rules and use cases.
Qualifications:
Education:
* Bachelors degree in Computer Science, Information Security, or related field (or equivalent work experience).
Experience:
* 13 years of experience in a security operations, cybersecurity, or IT role.
* Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight).
* Familiarity with log analysis and intrusion detection systems.
Certifications (Preferred but not required):
* CompTIA Security+
* Certified SOC Analyst (CSA)
* GIAC Security Essentials (GSEC)
* Certified Ethical Hacker (CEH)
Skills:
* Strong analytical and problem-solving skills.
* Good understanding of TCP/IP, DNS, HTTP, VPN, and other core networking concepts.
* Familiarity with MITRE ATT&CK framework and cybersecurity kill chain.
* Ability to work in a fast-paced 24/7 environment (shift work may be required).
* Excellent written and verbal communication skills.
#J-18808-Ljbffr