SOC Analyst

Job Description :

Skills and Experience :

- 1 to 4 years of experience in Cyber Incident response and investigations.

Job Description :

- Correlate and analyze events using the Splunk/Log Rhythm/Qradar and stellar cyber SIEM tool to detect IT security incidents. Knowledge of network and endpoint security, threat intelligence, and vulnerabilities.

- Conduct analysis of log files, including forensic analysis of system resource access.

- Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, networking, and other security threat data sources.

- Knowledge of sandbox and malware analysis.

- Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks functionality.

- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.

- CCNA, CEH, CISSP, GCA, GCIA, GCIH, SANS certification would be preferable.

- High level of integrity, professionalism, and attention to detail

- Ability to communicate complex security issues to peers and management alike.

- A motivated, self-managed individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.

Roles & Responsibilities :

- Investigate alerts, triage, deep dives, and come up with proper action items and remediation plans.

- Conduct investigation, containment, and other response activities with business stakeholders and groups.

- Compose incident analysis and find reports for management, including gap identification and recommendations for improvement.

- Recommend or develop new detection logic and tune existing sensors/security controls.

- Participate in security incident response through in-depth, technical (log, forensic, malware, packet) analysis.

- Provide oversight of security alert detection and analysis capabilities across multiple technologies to ensure that security incidents are identified in a timely manner.

- Escalate and support potential security incidents in line with appropriate processes.

- Support communications of potential security incidents via multiple channels.

- Participate in the response to potential security incidents by identifying and communicating relevant supplementary information.

- Identify and analyze new and emerging threats to determine impacts to G-P and provide guidelines and recommendations pertaining to opportunities to strengthen G-P security posture.

- Assist with information security due diligence requests as needed.

- Provide security recommendations to other team members, management, and business stakeholders for solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

- Conduct security reviews, perform vulnerability assessments, recommend remediation actions, and manage security policies and access controls to monitor, protect, and govern data and applications across private and cloud environments.

Job Description

Qualifications :

- Education : Bachelor's degree in information technology, Computer Science, Business, Engineering required, or equivalent experience.

- Certifications : Advanced certifications such as OSCP, GCIH, GSOC, or GCIA.

- Incident Response Experience : 1 to 4 years of experience in Cyber Incident response and investigations.

- Strong interpersonal skills with the ability to collaborate well with others. And, strong written, verbal and communication skills must be needed.

Why Join Us?

- Work on a cutting-edge cybersecurity product in a fast-paced startup environment.

- Collaborate with a world-class team of engineers and security experts.

- Opportunity to learn, grow, and make a real impact from day one.