- Monitor, investigate, analyze, and remediate or escalate indications of compromised or breached systems and applications.
- Work closely with both technical and non-technical customers through the incident response process.
- Respond to inquiries in a timely manner, advising customers on security best practices.
- Advanced use of a large-scale multi-tenant SIEM and SOAR environment.
- Maintain knowledge of current and emerging cyber threats; grow relationships with other incident response professionals, industry partners and vendors.
- Analyze threats for unique indicators of compromise; work with fellow SOC team members to create countermeasures to aid in future prevention and detection of cyber threat activity.
- Familiar with industry standard security tools: NIDS/HIDS, NIPS/HIPS, WAF, NGFW, AV, FIM, EDR, SIEM (Sentinel, QRadar etc.) and SOAR.
- Critical thinker who can analyze and identify basic indicators of compromise on hosts and applications.
- Understand the structure and the meaning of logs from different log sources such as Firewall, IDS/IPS, Windows, Linux, Cisco Appliances, Antimalware software, email security etc.
- Fine Tune SIEM rules to reduce false positives and remove false negatives.
- Able to perform basic forensic analysis and live triage of hosts to include examining running processes, network connections, system logs, file system activity, and more for signs of anomalous behavior.
- Experience with fundamental networking, native cloud technologies, micro services, scripting, and automation concepts.
- Must be able to read and modify code (such as Python, Javascript, etc.) for both analysis and automation.
- Ability to work evenings/weekends as required and to be on-call 24x7 to serve as the escalation point for your team.
- Prior experience working directly as a security analyst required.
- Prior incident response experience is highly preferred including interactions with customers via phone calls, chat, incident tickets and emails.
- Must possess or be able to obtain at least TWO of the following certifications within 90 days of starting:
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified Ethical Hacker (CEH)
-
SOC Analyst II
4 weeks ago
Armor Defense Inc Plano, United StatesJob Description · Job Description At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the ...
-
SOC Analyst III
3 weeks ago
Armor Defense Inc Plano, United StatesJob Description · Job DescriptionAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the b ...
-
SOC Analyst III
3 weeks ago
Armor Richardson, United States Full timeAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking n ...
-
SOC Analyst III
1 week ago
Armor Defense Plano, United StatesAt Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking n ...
-
SOC Incident Response Analyst
4 days ago
Armavel, LLC Dallas, United StatesJob Description · Job DescriptionProgram Role: CIR Tier II Analyst · Armavel, LLC is offering an opportunity to be a part of a growing, forward-thinking team in an engaging, fast-paced environment. As a Cyber Incident Response Analyst, you will play a critical role in safeguardi ...
-
SOC Insider Threat Analyst Lead, VP
3 weeks ago
Citi Irving, United States Full timeAbout Citi: · Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services ...
-
Sr SOC Analyst Lead
3 weeks ago
Danta Technologies Frisco, United StatesSr SOC Analyst Lead in Texas, Frisco - Remote · PST shift (06 pm CET to 02 am CET) · Primary Skills: · " Should have experience in SIEM-Splunk analysis of notable events. · " Monitor Splunk Console & Dashboards and provide response to the reported incidents. · " Perform ini ...
-
Citigroup Inc Irving, United StatesAbout Citi: · Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services ...
-
Citigroup Inc Irving, United States**About Citi:** · Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and serv ...
-
Tier 3 Network Security
1 week ago
Comcast Plano, United StatesComcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help global organizations of all sizes prepare for whats next. Powered by the nations largest Gig-speed broadband network and backed by 24/7 customer sup ...
-
REMOTE- Security Risk Analyst
1 week ago
Insight Global Plano, United StatesJob Description · An employer is looking for a Security Risk Analyst to sit remotely. You will primarily be tasked with evaluating, maintaining and documenting the clients internal risk register. You will recommend remediation activities, monitor any related alerts and evaluate t ...
-
IT Operations Analyst
4 days ago
Diverse Lynx Plano, United StatesJob Title: IT Operations Analyst · Location : Plano, TX Only Local · Job Type : Contract · Job Description : · Job responsibilities · Analyze and provide solution to low complexity and routine computer issues · Work together with vendors to aid repairs of hardware, i.e. print ...
-
Cyber Training Specialist
6 days ago
Cyberbit Dallas, United States Remote job Full timeCyberbit Range is the world's leading cyber-security training platform for cyber professionals with clients from Fortune 500, Universities, Governments, and Militaries globally. Sounds intriguing? That's because it is · Cyberbit Range deploys real-world attacks using reverse-engi ...
-
Principal Information Security Analyst
3 weeks ago
Southern Glazer's Wine & Spirits Dallas, United States Full timeOverview · The Principal Information Security Risk Analyst is responsible for assessing IT risk both internally as well as third parties to help secure SGWS data and information. The person in this position will need to have extensive knowledge of information security risk and t ...
-
Adjunct Professor, Cybersecurity, Workforce
3 weeks ago
InsideHigherEd McKinney, United StatesPrimary Location:3452 Spur 399, McKinney, Texas, 75069We are searching for candidates that meet the required qualifications and experience and are able to perform the essential duties and responsibilities.Job Summary:Responsible to prepare and deliver coursework in engaging, inno ...
-
Gartner Irving, United States Full timeWhat makes Gartner Research a GREAT fit for you? · You are a team player who values expert insights, bold ideas, and intellectual courage. · You are always learning and looking to discover what's next in security technology management. · You pursue personal excellence through ...
-
Lead C++ Linux Embedded Software Engineer
2 weeks ago
Innova Solutions Coppell, United StatesInnova Solutions is filling a Lead C++ Linux Embedded Software Engineer position on a direct hire basis for a client based in their Coppell, TX. In this role you will help design and develop software systems for their current and next generation camera systems. Salary is in the $ ...
-
Cyber Fraud Lead Analyst
3 weeks ago
Citibank Irving, United StatesAbout Citi:Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, in ...
-
Professor, Cyber Security
3 weeks ago
InsideHigherEd McKinney, United StatesPrimary Location: · 9700 Wade Boulevard, Frisco, Texas, 75035We are searching for candidates that meet the required qualifications and experience and are able to perform the essential duties and responsibilities. · Job Summary: · Responsible to prepare and deliver coursework in e ...
-
Cybersecurity Project Manager
3 weeks ago
IMRI Technology & Engineering Solutions Dallas, United StatesJob Description · Job DescriptionRemote work opportunity with IMRI · IMRI is looking for a Cybersecurity Project Manager with 5-7 years of experience working with SIEM, particularly QRadar, to lead the integration and upgrade project. Here's a breakdown of the scope of work: · In ...
SOC Analyst II - Richardson, United States - Armor
Description
At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we're looking for a highly skilled and experienced product manager to join our dynamic team.
SUMMARY
Armor is seeking a talented and highly motivated individual to serve as a Security Operations Analyst L2 in the Armor SOC (Security Operations Center).
ESSENTIAL DUTIES AND RESPONSIBILITIES (Additional duties may be assigned as required.)
REQUIRED SKILLS
Experience / Certifications:
WORK ENVIRONMENT
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company's data center, at a client location or at an industry trade event.
Equal Opportunity Employer - It is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.
