Tier 1 SOC Analyst

If you consider yourself a driven, motivated and a solutions focused self-starter, then this could be the role for you. 

We are on a hunt for highly-motivated SOC analyst with experience across multiple SecOps technologies engineering domains. If you have previous experience with Palo Alto Cortex XDR, LogRhythm, ESET, Imperva WAF, Microsoft Defender and Microsoft Sentinel to hit the ground running, you already have an advantage! 

About Role:

This position provides 24x7 cybersecurity monitoring services. You will be working 5 days a week on a rotational shift basis. This role includes performing real-time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process.

PRIMARY RESPONSIBILITIES:

· Utilize alerts from SIEM, EDR, SEG and custom sensors to identify compromises on client networks/endpoints.

· Triage phishing emails reported by users.

· Review massive log files, pivot between data sets, and correlate evidence for incident investigations.

· Triage alerts to identify malicious actors on client networks.

· Document analysis, findings, and actions in a case/knowledge management system as evidence.

· Answer all client queries via email or over the phone.

SKILLS & EXPERIENCE:

· Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings

· Curiosity and strong desire to constantly learn

· Strong customer-oriented focus

· Sound knowledge or 1 year of experience (preferable) in cybersecurity or as a System and/or Network Administrator

· Demonstrated sound understanding of email analysis. Ability to identify, classify and breakdown the taxonomy of various types of phishing attacks.

· Demonstrated sound understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

· Good understanding of networking and security

· Understanding of Microsoft active directory and windows operating systems

· 24x7 NOC / SOC experience (experience working with or for a MSSP is highly desirable) & willing to perform shift work.

· Programming / shell scripting experience highly desirable (PowerShell, PERL, Python, Java, shell scripts, etc.).

· Keen ability to troubleshoot technical and security problems

PREFERRED QUALIFICATIONS:

· Bachelor/ Master degree or prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree.

· Have or working towards any one of the following security certifications such as CompTIA Security+, GCIH, GSEC, GCDA, GMON, GOSI, GCIA, SSCP or CISSP.

· PowerShell or Unix/Linux command line experience (preferable).

· Scripting and programming experience (preferable).

· Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

· Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

Note: Applicants who can start immediately or within 30 days will be preferred