Raleigh, NC
SOC Analyst - Charlotte, United States - Siri InfoSolutions
Job Description
Position Information
Position Title:
IR Engineer 3 / SOC Analyst
Location:
Hybrid
If Hybrid, how many days per week?
Monday - Thursday in client office / Friday remote
Address:
Work Authorization:
US Citizens
Day to Day
Dive deep into incident analysis by correlating data from various sources, determining if a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats
Conduct incident handling, including containment, eradication, and recovery, closing out reports and lessons learned, and escalating to specialized analysts or SOC managers during malware analyses or adversary hunt missions
Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions to the network infrastructure, applications, and operating systems
Collaborate with other teams to assess risk and enrich client alerts
Collect intrusion artifacts, including source code, malware, and Trojans, and use discovered data to enable mitigation and threat intelligence discovery
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities, and make recommendations that enable expeditious remediation
Stay up to date with current vulnerabilities, attacks, and countermeasures
Goal is to be the best L3 analyst in their space
Growth down the line
Must Haves
In layman's terms, what does this person need to be doing in their job every day? What's the problem they are solving?
Working with a leading biopharm company within their SOC to work on best practices and evolving technology
What type of experience is needed and how does this experience translate to the actual role?
EDR, SIEM, Proxy Analysis tools, cyber tools, etc.
Top Must Haves
Lead a SOC or small team
How to triage in multiple endpoint detection tools
Very thick skin and great communication skills
3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)
CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA) (can speak the language; not required)
Education:
BA or BS degree or 4+ years of experience with equivalent Cyber work (ideally)
Soft Skills:
Thick skin, no ego, ability to gauge the right time to push back on leadership (heads down, boots on the ground type)
Nice to Haves
Consulting experience, specifically at the "Big Four", is strongly prioritized
Biopharm experience
Military background
GIAC Certified Incident Analyst (GCIA)
MS in Cyber Operations or related Cyber Security studies
Splunk Core Certified Advanced Power User
Analytic Path / Threat Analysis Endpoint
Resume:
An IR person with experience at a Big 4 firm (Deloitte, EY)
Consulting / client facing experience
How it affects the business / clients is a big plus
BioPharma Companies - nice to have
Pfizer Inc. Pharmaceuticals and Healthcare
Johnson & Johnson. Pharmaceuticals and Healthcare
Merck & Co Inc. Pharmaceuticals and Healthcare
AbbVie Inc
Bristol-Myers Squibb Co
Abbott Laboratories
Eli Lilly and Co
Background
Role/Position Background:
IR Engineer 3 / SOC experience
Years of Experience Needed:
3-5 years with a degree, or 7+ years without; not a leader / manager
Types of environments candidates should be coming from?
Consulting / client facing
Selling points on position and team
Working with leading biopharm client
Brand new company with aggressive growth goals and future plans
Job Description
The Challenge:
Are you ready to take an active role in cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber attacks? If you want to challenge your skills and stretch your limits by analyzing cyber threats in real time, then come join our team.
As an analyst on our SOC team, you'll monitor and analyze threats, using state-of-the-art tools like Cortex XSOAR, CrowdStrike, FireEye, Tanium, Elastic, Splunk, Securonix, and ServiceNow.
You'll use your cyber security skills to:
Dive deep into incident analysis by correlating data from various sources, determining if a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats
Conduct incident handling, including containment, eradication, and recovery, closing out reports and lessons learned, and escalating to specialized analysts or SOC managers during malware analyses or adversary hunt missions
Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions to the network infrastructure, applications, and operating systems
Collaborate with other teams to assess risk and enrich client alerts
Collect intrusion artifacts, including source code, malware, and Trojans, and use discovered data to enable mitigation and threat intelligence discovery
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities, and make recommendations that enable expeditious remediation
Stay up to date with current vulnerabilities, attacks, and countermeasures
You'll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You'll analyze incidents to figure out how many systems are affected and assist recovery efforts. You'll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers' goals and stop them from succeeding. This is a great opportunity to build your cyber security skills with hands-on experience in threat assessment and incident response. Join us as we protect our clients from malicious actors.
Empower change with us.
You Have:
3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)
BA or BS degree or 4+ years of experience with equivalent Cyber work
CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA)
Nice If You Have:
GIAC Certified Incident Analyst (GCIA)
MS in Cyber Operations or related Cyber Security studies
Splunk Core Certified Advanced Power User