Security Analyst

Company Overview Incedo is a US-based consulting data science and technology services firm with over 3000 people helping clients from our six offices across US Mexico and India We help our clients achieve competitive advantage through end-to-end digital transformation Our uniqueness lies in bringing together strong engineering data science and design capabilities coupled with deep domain understanding We combine services and products to maximize business impact for our clients in telecom Banking Wealth Management product engineering and life science healthcare industries Working at Incedo will provide you an opportunity to work with industry leading client organizations deep technology and domain experts and global teams Incedo University our learning platform provides ample learning opportunities starting with a structured onboarding program and carrying throughout various stages of your career A variety of fun activities is also an integral part of our friendly work environment Our flexible career paths allow you to grow into a program manager a technical architect or a domain expert based on your skills and interests Our Mission is to enable our clients to maximize business impact from technology by Harnessing the transformational impact of emerging technologies Bridging the gap between business and technology Role Description POSITION SUMMARY The SOC Analyst Level 1 will use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard Incedo s Managed Services Clients The SOC Analyst Level 1 is responsible for monitoring and responding to security related alerts triggered in the SIEM tool within Incedo s Technology Partners Managed Service Clients Primary responsibilities include incident triage correlation of data from firewall endpoint security SASE and IPS logs determining if a critical system or data set has been impacted provides recommendations on remediation and provides support for new analytic methods for detecting threats Hours 24X7 3 Shifts Rotation Role and responsibilities Ensure that all SOC Security Operations Center tickets are handled and resolved within SLAs Service Level Agreements Perform detailed analysis of threats and security events using sound analytical skills knowledge and experience with a clear narrative to support conclusions Maintain records of security events investigated detailed notes of security incident resolution and incident response activities utilizing ticketing systems Make situational incident response recommendations based on best practice security policies that address the client s business need Research and stay up to date with current security vulnerabilities attacks threat actors security advisories and the MITRE Attack Framework Manage maintain and monitor security alerting systems from remote communications sites to ensure company compliance Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues Utilize tools e g Wireshark Nmap PCap etc to identify and map devices on the network Open track and close trouble tickets Technical Skills Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes Interface with client through email phone calls and meetings or Aspire field personnel to mitigate security incidents Assist with the preparation of SOC reports research papers and blog posts Investigate and provide technical analysis of various security incidents and possible compromise of systems Works as Tier I L1 support and will work directly with Tier II L2 and TIER III L3 and NOC Engineers for issue resolution Provide direct communication to affected users and companies on security incidents and maintenance activities Maintain customer technical information within defined documentation standards Obtain maintain technical professional certifications applicable to position or as directed Communicate with customers peers team and managers regarding incident and change management Provide emergency on-call support on a rotating schedule Perform other duties as assigned Nice-to-have skills Possession of an Industry Certification Security CySA Cisco Cyber-Ops Associate NSE4 or similar 1 years of experience in Security Management SIEM and Log Management MS Sentinel IBM QRadar Splunk OSSIM FortiSIEM LogRhythm etc Experience with Firewalls Palo Alto Networks Cisco Firepower Manager Experience with Endpoint Security Cisco Secure Endpoint CrowdStrike Falcon Carbon Black Microsoft Advanced Threat Protection Experience with Network Traffic Analytics Cisco Stealthwatch Cloud Darktrace Experience with DNS Security Cisco Umbrella Forcepoint 2 years of experience with Ticket Management Tools e g ConnectWise ServiceNow Qualifications Qualifications Education and Experience Bachelor s degree in computer science Information Technology or a related field Experience of 2 to 3 years relevant experience 1 year of professional work experience in cyber security field 1 year of experience with Security Event Alert Management Incident Response and Change Management Processes 1 year of experience handling security events related to Malware Detection and Analysis Indicators of Compromise IOC Email Phishing Endpoint Detection and Response EDR Knowledge of Runbooks Playbooks and following Standard Operating Procedures Strong troubleshooting and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Strong organizational and time management skills Willingness to work after hours and provide on-call support Company Value We value diversity at Incedo We do not discriminate based on race religion color national origin gender sexual orientation age marital status veteran status or disability status