SOC Analyst
Your role
Support the security incident response team by contributing to the resolution of computer security incidents.
- Act as an expert in security incident response within the security monitoring team and on other security initiatives and projects.
- Analyze security alerts from various security monitoring tools, including the Security Information and Event Management (SIEM) platform
- Perform triage, assess the scope of threats and escalate as necessary
- Develop and analyze dashboards and reports to identify potential threats and suspicious/anomalous activity
- Provide Tier 2 & Tier 3 support as needed
- Stay up-to-date with information security newsfeeds, techniques and trends, the threat landscape, attack techniques, detection methods, etc.
- Propose recommendations to improve security monitoring and provide advisories to other teams and projects to improve protection.
Requirements
- Minimum of 3 years of relevant professional experience in information technology
- Experience in a Security Operations Center (SOC) or Cyber Incident, preferably in security monitoring and security incident response
- Experience working with Security Information and Event Management (SIEM) solutions (ArcSight) and/or Logging Management solutions (ElasticStack)
- Experience with several of these technologies: Active Directory, Endpoint Security, Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Office 365, Cloud environments (Azure, AWS, etc.), Security testing platforms (Burp Suite, Metasploit, Nessus), Web Application Firewalls (WAF), Web Filtering, UNIX/Linux.
- Experience with case management and ticketing systems.
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
- Strong analytical, problem-solving and troubleshooting skills; pragmatic approach to IT security challenges and issues
- Sense of urgency and ability to apply a risk-based approach to prioritize work.
- Capability to work under stress
- Positive attitude, self-starter with strong analytical and interpersonal skills to lead working groups, negotiate and create consensus
- Highly self-motivated and directed, with keen attention to detail
- Good communications skills and sense of humor
Assets and preferences
- Experience in Penetration Testing, Vulnerability Management and/or Red Team exercises is a strong asset
- GIAC GCIH, CompTIA CySa+, CISSP or other security related certifications
- Knowledge of Python, PowerShell or other scripting languages
Last updated on Nov 21, 2023