Security Operations Center Analyst - Raleigh, United States - Optomi
Description
Tier 2 SOC Analyst - 100% remote in SC, NC, FL, OH, GA or KY
Optomi, in partnership with an enterprise-level client in the energy sector, is looking to add a Tier 2 SOC Analyst to their growing team. The Tier 2 SOC Analyst will handle alerts from Tier 1 and either remediate or escalate to Tier 3, as needed.
The ideal candidate for this role will come with at least 2 years' experience working in a SOC handling SIEM, EDR, Firewall, DLP, cloud, and other alerts PLUS experience developing/scripting in Python, PowerShell and/or Bash (preferred).
Strong Tier 2 experience working in a SOC is a must. The Tier 2 SOC Analyst will help with incident response and development/coding projects. This is a Mon-Fri 8am-5pm EST role with only some on-call responsibilities required (on a rotation).
Please note:
This role starts off as a 12-month contract and will automatically convert or extend after that. Most likely, the person will be converted within the first year.
What You Will Do:
Responsible for providing monitoring, detection, and response capabilities to ensure security
This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process
Responsible for providing monitoring support for cybersecurity systems as well as conducting investigations into and escalating alerts as required for malicious activity
Review, investigate, and classify the appropriate response for all security incidents that have been assigned / escalated via Tier 1 support
Respond to and mitigate security incidents based on defined process and procedures to contain and eradicate threats
Perform sampled reviews of incidents investigated by junior analysts to improve ticket quality and provide feedback to coach junior resources
Assist with the development of playbooks and processes for day-to-day SOC operations
Assist with the development, configurations and fine-tuning of various security tools in the environment
Collaborate with other Engineering and Operations teams to troubleshoot, respond, and improve detection capabilities
What's Required:
Bachelor's degree in IT, Cybersecurity, or related field
2-4+ years' experience working in a SOC with various log sources (SIEM, EDR, FWs, PCAPs, Cloud logs, etc.)
Current experience working as a L2 in an incident response role.
Experience with PowerShell, Bash and/or Python scripting (highly preferred). If no experience here, then a willingness to learn.
Ability to respond to incidents and work them beginning to end
Endpoint or network forensics experience highly preferred
Malware analysis preferred
Candidate must sit in SC, NC, FL, GA, OH or KY for tax purposes, or be open to relocating in the first year.