    SOC Analyst - Indiana, United States - Owasp10

    Owasp10
    Owasp10 Indiana, United States

    3 weeks ago

    Description
    Role Purpose

    The primary function of the Security Operations Center (SOC) Analyst is to analyze incidents escalated by the Level 1 Security Engineer and to undertake the detailed investigation of each security event.

    The Security Analyst determines whether a security event is classified as an incident and coordinates with cross-functional teams and the Security team to resolve it. Consequently, the position requires an understanding of both legacy systems and modern technologies and requirements.
    Analysts in this role are expected to consistently learn and grow.

    This is not a passive career opportunity, but one that requires a passion for security and rigor to protect the business.

    This role reports to the Head of Security and Compliance.
    Role Responsibilities
    Escalate validated and confirmed incidents to designated incident response team.
    Notify appropriate stakeholders of incident and required mitigation works.
    Fine-tune SIEM rules to reduce false positives and eliminate false negatives.
    Collect global threat intelligence and internal threat data, then drive actions based on analysis and recommendations.
    Proactively research and monitor security information to identify potential threats that may impact the organization.
    Develop and distribute information and alerts on required corrective actions to the organization.
    Learn new attack patterns and actively participate in security forums.
    Work closely with Vulnerability Management and designated incident response team.

    Understand the structure and meaning of logs from different log sources such as firewalls (FW), IDS, Windows domain controllers (DC), Cisco appliances, AV and anti-malware software, email security, etc.

    Perform threat intel research.
    Ability to run and understand sandbox and static analysis.
    Open, track and update incidents and requests based on updates and analysis results.
    Requirements
    Knowledge and hands-on experience of IDS/IPS, Firewall, VPN, and other security products.
    Experience with Security Information Event Management (SIEM) tools, analyzing and testing rules, system hardening, and Vulnerability Assessments.
    Experience with TCP/IP network traffic and event log analysis.
    Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
    Bachelor's degree or equivalent in a BA/IT/Security-related discipline.
    Knowledge of information security standard processes and frameworks.

    Experience in the cyber, information security and risk management disciplines at a global financial services firm or other highly regulated organization.

    Personal Skills and Capabilities
    Strong interpersonal and relationship building skills
    Strong verbal and written communication skills, with ability to communicate technical information to non-technical stakeholders
    Ability to work well under pressure – particularly during a security incident or regulatory audit
    Displays an analytical and problem-solving mindset
