- Monitor, investigate, analyze, and remediate or escalate indications of compromised or breached systems and applications.
- Work closely with both technical and non-technical customers through the incident response process.
- Respond to inquiries in a timely manner, advising customers on security best practices.
- Advanced use of a large-scale multi-tenant SIEM and SOAR environment.
- Maintain knowledge of current and emerging cyber threats; grow relationships with other incident response professionals, industry partners and vendors.
- Analyze threats for unique indicators of compromise; work with fellow SOC team members to create countermeasures to aid in future prevention and detection of cyber threat activity.
- Familiar with industry standard security tools: NIDS/HIDS, NIPS/HIPS, WAF, NGFW, AV, FIM, EDR, SIEM (Sentinel, QRadar etc.) and SOAR.
- Critical thinker who can analyze and identify basic indicators of compromise on hosts and applications.
- Understand the structure and the meaning of logs from different log sources such as Firewall, IDS/IPS, Windows, Linux, Cisco Appliances, Antimalware software, email security etc.
- Fine Tune SIEM rules to reduce false positives and remove false negatives.
- Able to perform basic forensic analysis and live triage of hosts to include examining running processes, network connections, system logs, file system activity, and more for signs of anomalous behavior.
- Experience with fundamental networking, native cloud technologies, micro services, scripting, and automation concepts.
- Must be able to read and modify code (such as Python, Javascript, etc.) for both analysis and automation.
- Ability to work evenings/weekends as required and to be on-call 24x7 to serve as the escalation point for your team.
- Prior experience working directly as a security analyst required.
- Prior incident response experience is highly preferred including interactions with customers via phone calls, chat, incident tickets and emails.
- Must possess or be able to obtain at least TWO of the following certifications within 90 days of starting:
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified Ethical Hacker (CEH)
-
SOC Analyst III
2 days ago
Armor Defense Inc Plano, United StatesJob Description · Job DescriptionAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the b ...
-
SOC Analyst III
2 weeks ago
Armor Defense Plano, United StatesAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking n ...
-
SOC Analyst
23 hours ago
Capgemini Irving, United StatesResponsibilities: · Investigate alerts from any/all monitoring platforms as they occur. · This includes SIEMs, Endpoint tools, IDS, etc. · Function as an escalation point for investigations from "Level I" (L1) analysts requiring assistance/further investigation. · Working with an ...
-
SOC Analyst
1 week ago
Tekfortune Inc Dallas, United StatesTekfortune is a fast-growing consulting firm specialized in permanent, contract & project-based staffing services for world's leading organizations in a broad range of industries. In this quickly changing economic landscape, virtual recruiting and remote work are critical for the ...
-
SOC Analyst II
1 month ago
Armor Richardson, United States Full timeAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking n ...
-
SOC Analyst III
1 month ago
Armor Richardson, United States Full timeAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking n ...
-
SOC Incident Response Analyst
1 week ago
Armavel, LLC Dallas, United StatesJob Description · Job DescriptionProgram Role: CIR Tier II Analyst · Armavel, LLC is offering an opportunity to be a part of a growing, forward-thinking team in an engaging, fast-paced environment. As a Cyber Incident Response Analyst, you will play a critical role in safeguardi ...
-
Citigroup Inc Irving, United StatesAbout Citi: · Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services ...
-
SOC Advanced Malware Defense, Lead Analyst, VP
2 weeks ago
Citigroup Inc Irving, United States**About Citi:** · Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and serv ...
-
Remote- Security Risk Analyst
6 days ago
Insight Global Plano, United StatesAn employer is looking for a Security Risk Analyst to sit remotely. You will primarily be tasked with evaluating, maintaining and documenting the clients internal risk register. You will recommend remediation activities, monitor any related alerts and evaluate the clients complia ...
-
Tier 3 Network Security
2 weeks ago
Comcast Plano, United StatesComcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help global organizations of all sizes prepare for whats next. Powered by the nations largest Gig-speed broadband network and backed by 24/7 customer sup ...
-
REMOTE- Security Risk Analyst
2 weeks ago
Insight Global Plano, United StatesJob Description · An employer is looking for a Security Risk Analyst to sit remotely. You will primarily be tasked with evaluating, maintaining and documenting the clients internal risk register. You will recommend remediation activities, monitor any related alerts and evaluate t ...
-
IT Operations Analyst
1 week ago
Diverse Lynx Plano, United StatesJob Title: IT Operations Analyst · Location : Plano, TX Only Local · Job Type : Contract · Job Description : · Job responsibilities · Analyze and provide solution to low complexity and routine computer issues · Work together with vendors to aid repairs of hardware, i.e. print ...
-
Cyber Training Specialist
2 weeks ago
Cyberbit Dallas, United States Remote job Full timeCyberbit Range is the world's leading cyber-security training platform for cyber professionals with clients from Fortune 500, Universities, Governments, and Militaries globally. Sounds intriguing? That's because it is · Cyberbit Range deploys real-world attacks using reverse-engi ...
-
Lead C++ Linux Embedded Software Engineer
4 weeks ago
Innova Solutions Coppell, United StatesInnova Solutions is filling a Lead C++ Linux Embedded Software Engineer position on a direct hire basis for a client based in their Coppell, TX. In this role you will help design and develop software systems for their current and next generation camera systems. Salary is in the $ ...
-
Gartner Irving, United States Full timeWhat makes Gartner Research a GREAT fit for you? · You are a team player who values expert insights, bold ideas, and intellectual courage. · You are always learning and looking to discover what's next in security technology management. · You pursue personal excellence through ...
-
Client Invoicing Coordinator
1 week ago
Altair Frisco, United StatesPOSITION SUMMARY: · The Client Invoicing Coordinator is the central point of coordination with the India-based offshore team with responsibility for driving completion of specific assigned tasks that support the production of client invoices on an agreed schedule. Additional tas ...
-
GRC Analyst
2 days ago
Buzzclan Dallas, United StatesJob Description · Job DescriptionJob Title : GRC Analyst Job Location: DownTown Dallas, TXJob Tenure : Full Time Position We are seeking an experienced Risk and Compliance Analyst to join our team. The ideal candidate will have a strong background in risk management, compliance, ...
-
GRC Analyst
2 days ago
BuzzClan Dallas, United StatesBuzzClan is an elite business consulting firm collaborating to provide software, advisory and implementation services. BuzzClan is a certified partner for most of the tier 1 cloud, hardware and software providers. Being a vertically integrated solutions company, BuzzClan is known ...
-
Cybersecurity Project Manager
2 days ago
IMRI Technology & Engineering Solutions Dallas, United StatesJob Description · Job DescriptionRemote work opportunity with IMRI · IMRI is looking for a Cybersecurity Project Manager with 5-7 years of experience working with SIEM, particularly QRadar, to lead the integration and upgrade project. Here's a breakdown of the scope of work: · In ...
SOC Analyst II - Plano, United States - Armor Defense Inc
Description
Job Description
Job DescriptionAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we're looking for a highly skilled and experienced product manager to join our dynamic team.
SUMMARY
Armor is seeking a talented and highly motivated individual to serve as a Security Operations Analyst L2 in the Armor SOC (Security Operations Center).
ESSENTIAL DUTIES AND RESPONSIBILITIES (Additional duties may be assigned as required.)
REQUIRED SKILLS
Experience / Certifications:
WORK ENVIRONMENT
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company's data center, at a client location or at an industry trade event.
Equal Opportunity Employer - It is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.
