OculusIT - L3 Cyber Security Analyst - SOAR

Company Description OculusIT is the premier IT services partner for higher education institutions, offering cost-effective, responsive, and flexible solutions. We specialize in IT Leadership, Managed ERP, Security and Infrastructure Services, and 24x7 Operations. Our high-touch, customer-centric approach ensures that clients receive the highest quality service and support. We are seeking a highly skilled and experienced Cyber Security Analyst L3 to join our team. The ideal candidate will have strong expertise in cybersecurity investigation strategies, incident response, malware analysis, and advanced threat investigation techniques. The role also requires proficiency in open-source SIEM tools, EDR platforms, cloud security assessments, and server hardening practices. This position involves working with US-based clients and requires excellent communication Responsibilities :Threat Investigation & Incident Response : - Develop and implement advanced investigation strategies for cybersecurity incidents. - Conduct detailed log analysis to identify threats, anomalies, and potential breaches. - Perform malware analysis to understand behavior and mitigate threats. - Manage end-to-end incident response processes and root cause SIEM Expertise : - Operate and integrate open-source SIEM platforms such as Wazuh, AlienVault, and others. - Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat Detection and Response (EDR) : - Investigate incidents using EDR solutions like Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne. - Analyze endpoint telemetry and execute threat hunting Security : - Conduct cloud security reviews for platforms such as AWS, Azure, and Google Cloud. - Provide recommendations to strengthen cloud architecture and user authentication Hardening & CIS Benchmarks : - Implement server hardening techniques based on CIS benchmarks. - Perform security assessments to address identified Intelligence & SOAR Integration : - Leverage threat intelligence platforms to proactively identify and mitigate potential threats. - Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling Handling & Communication : - Lead incident handling efforts, coordinating with internal and external stakeholders. - Provide clear, concise, and actionable communication to technical and non-technical & Log Analysis : - Review and analyze Linux system logs to identify potential security issues. - Investigate unauthorized access attempts and system Management : - Collaborate with US-based clients, ensuring their cybersecurity needs are met. - Deliver regular reports, updates, and recommendations to Skills and Qualifications : - 10+ years of hands-on experience in cybersecurity, incident response, and threat investigation. - Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration. - Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne. - Strong knowledge of cloud security best practices and architecture reviews. - Experience in server hardening following CIS benchmarks. - Familiarity with SOAR platforms and threat intelligence tools. - Solid understanding of Linux systems and log review methodologies. - Excellent communication skills for client interactions and technical reporting. - Proven ability to work with international clients, especially in the Certifications : - Certified Information Systems Security Professional (CISSP). - Certified Incident Handler (GCIH). - Certified Ethical Hacker (CEH). - Microsoft Certified: Azure Security Engineer Associate. - AWS Certified Security Specialty. (ref:hirist.tech)