Cybersecurity Consultant - L3

You will be responsible for providing the top talent level for analysis and determination of malicious activity. This role will provide training and support to Jr and Sr level analysts and act as the last line of review before escalation to response team. This role will also require the creation and maintaining of SOP s and other department documents as well as the review of other analysts work as well as other duties.

Additional responsibilities of the Senior Security Operations Center (SOC) Analyst include:

Performing inbound security event analysis in an industry leading SIEM in a shift environment and supporting Level 1 and 2 analysts engaged in the same task.

Review ongoing or completed investigations performed by Level 1 2 SOC Analysts for potential escalation and / or provide analysis feedback to Analyst and SOC Managers

Reviewing alerts in an industry-leading SOAR platform and creating cases in the case management environment

Performing review and validation of daily compliance reports to track business as usual and out of policy activities.

Working alongside senior security engineers and architects to deliver superior security services to CVS Health business units.

Essential Qualifications and Functions:

Knowledge of:

Strong understanding of networking concepts protocols (TCP/IP, UDP, DNS, DHCP, HTTP, HTTPS, VPN, etc.)

Strong understanding of operating system architecture (Windows, UNIX, Linux, MacOS)

Strong understanding of cyber security / Information Security concepts (Phishing, Malware, Vulnerabilities, DDoS)

Strong understanding of Microsoft Technologies such as Active Directory, DNS, DHCP

Strong understanding of various identity and access management / authentication concepts and technologies

Ability to collect data from disparate systems in order to correlate and perform data analysis

Skill In:

Precise concise written communication

Organizational multitasking commitment to follow-up

Public Speaking

Ability To:

Perform document accurate investigative analysis for cyber security Threat Response in a fast-paced environment with rapidly shifting priorities

Take the lead on investigative analysis and incident research

Maintain regular and predictable attendance in a shift-based environment

Perform any additional SOC tasks as directed by Sr Manager or Director

Preferred Qualifications:

Knowledge of:

Working experience and knowledge of two or more of the following security related technologies: Intrusion Prevention systems, Web Proxies, SIEM, SOAR, EDR, Firewalls, Web Application Scanner, Vulnerability Scanners, Malware Research Tools or Forensics Tools

Ability To:

Provide input on policy direction best practices

Provide constructive feedback for fellow colleagues

Provide evidence of or obtain one or more certifications, including but not limited to Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, AWS, Blue Team Level 1 or 2, Microsoft Azure Security Engineer or equivalent

Prefer: Certification(s): Network+, Security+, CySA+, CCSP, CCSK, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, AWS, Microsoft Azure Security Engineer or equivalent.

Strong understanding of networking concepts protocols (TCP/IP, UDP, DNS, DHCP, HTTP, HTTPS, VPN, etc.)

Strong understanding of operating system architecture (Windows, UNIX, Linux, MacOS)

Strong understanding of cyber security / Information Security concepts (Phishing, Malware, Vulnerabilities, DDoS)

Strong understanding of Microsoft Technologies such as Active Directory, DNS, DHCP

Strong understanding of various identity and access management / authentication concepts and technologies

Ability to collect data from disparate systems in order to correlate and perform data analysis