SOC Analyst

Job duties: • Tier 1 Overflow Responsibilities: o Develop new signatures and correlated searches based on a variety of requirements o Document work within a security operations ticketing system o Analyze data and events within the SIEM or SOAR for prioritization and priority elevation o Identify data sources and analytics for inclusion into SIEM or SOAR o Remote Client System Monitoring and Analysis o Tracking, and reporting of security patch/upgrade implementation o Scheduling, execution and tracking of vulnerability remediation activities o Information gathering, port and vulnerability scanning and analysis according to policy • Tier 2 Responsibilities (Incident Response Leader): o Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation o Work with client in remediation efforts o Notify SOC manager of all elevated incidents and keep appraised of progress o Collaborate with Tier 3 Analysts on Threat Hunting requirements o Manage and administer the SOC tools (SIEM, SOAR, IDS, etc.) o Develop reports and other capabilities to support the needs of our clients o Development of security policies, processes, and procedure o Development and delivery of presentations o Workload estimation for new clients o Conducting security audits o Mentor Tier 1 Analysts to grow and assist in Tier 2 requirements

Requirements: • 1+ years of experience investigating security events and incidents or performing computer forensic analysis • 3+ years SIEM experience; 1+ years SOAR experience • 4+ years of experience with Incident Response • Experience in Critical Infrastructure OT systems and protocols to include SCADA, PLCs, etc. • Familiarity and experience with Risk Management Frameworks • Scripting skills in any common language (Python, Perl, Bash, or Powershell) • Skilled at using multiple operating systems