SOC Analyst - Charlotte, United States - Siri InfoSolutions

    Job Description

    Position Information

    Position Title:
    IR Engineer 3 / SOC Analyst

    Location:
    Hybrid

    If Hybrid, how many days per week?

    Monday - Thursday in client office / Friday remote

    Address :

    • Raleigh, NC

    Work Authorization:
    US Citizens
    Day to Day
    Dive deep into incident analysis by correlating data from various sources, determining whether a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats
    Conduct incident handling, including containment, eradication, and recovery, closing out reports and lessons learned, and escalating to specialized analysts or SOC managers during malware analysis or adversary hunt missions
    Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions into the network infrastructure, applications, and operating systems
    Collaborate with other teams to assess risk and enrich client alerts
    Collect intrusion artifacts, including source code, malware, and Trojans, and use the discovered data to enable mitigation and threat intelligence discovery
    Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities, and make recommendations that enable expeditious remediation
    Stay up to date with current vulnerabilities, attacks, and countermeasures
    Goal is to be the best L3 analyst in their space
    Growth down the line

    Must Haves
    In layman's terms, what does this person need to be doing in their job every day? What's the problem they are solving?

    Working with a leading biopharm company within their SOC on best practices & evolving technology
    What type of experience is needed and how does this experience translate to the actual role?

    EDR, SIEM, Proxy Analysis tools, cyber tools, etc.

    Top Must Haves

    Lead a SOC or small team
    How to triage in multiple endpoint detection tools
    Very thick skin & great comms skills

    3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer
    Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or
    Security Operations Center (SOC)
    CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA) (can speak the language - not required)

    Education:
    BA or BS degree or 4+ years of experience with equivalent Cyber work (ideally)

    Soft Skills:
    Thick skin, no ego, and the ability to gauge when it is the right time to push back on leadership (a heads-down, boots-on-the-ground type)

    Nice to Haves
    Consulting experience, specifically at the "Big Four", is strongly prioritized
    Biopharm experience
    Military background
    GIAC Certified Incident Analyst (GCIA)
    MS in Cyber Operations or related Cyber Security studies
    Splunk Core Certified Advanced Power User
    Analytic Path / Threat Analysis Endpoint


    Resume:
    An IR person with experience in the Big 4 (Deloitte, EY)
    Consulting / client facing experience
    Being able to explain how an incident affects the business / clients is a big plus

    BioPharma Companies - nice to have
    Pfizer Inc. Pharmaceuticals and Healthcare
    Johnson & Johnson. Pharmaceuticals and Healthcare
    Merck & Co Inc. Pharmaceuticals and Healthcare
    AbbVie Inc
    Bristol-Myers Squibb Co
    Abbott Laboratories
    Eli Lilly and Co

    Background

    Role/Position Background:
    IR Engineer 3 / SOC experience

    Years of Experience Needed:

    3-5 years with a degree, 7+ without; this is not a leader / manager role
    Types of environments candidates should be coming from?

    Consulting / client facing

    Selling points on position and team
    Working with leading biopharm client
    Brand new company with aggressive growth goals and future plans

    Job Description

    The Challenge:
    Are you ready to take an active role in cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber attacks? If you want to challenge your skills and stretch your limits by analyzing cyber threats in real time, then come join our team.

    As an analyst on our SOC team, you'll monitor and analyze threats, using state-of-the-art tools like Cortex XSOAR, CrowdStrike, FireEye, Tanium, Elastic, Splunk, Securonix, and ServiceNow.


    You'll work with the team to understand, mitigate, and respond to threats quickly, restoring
    operations and limiting the impact. You'll analyze incidents to figure out just how many systems
    are affected and assist recovery efforts. You'll combine threat intelligence, event data, and
    assessments from recent events, and identify patterns to understand attackers' goals to stop
    them from succeeding. This is a great opportunity to build your cyber security skills with hands
    on experience in threat assessment and incident response. Join us as we protect our clients
    from malicious actors.

    Empower change with us.



