SOC Analyst
- Full-Time
Position Information
- Position Title: IR Engineer 3 / SOC Analyst
- Location: Hybrid
- If Hybrid, how many days per week? Monday - Thursday in client office / Friday remote
- Address: Raleigh, NC
- Work Authorization: US Citizens
Day to Day
- Dive deep into incident analysis by correlating data from various sources, determining if a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats
- Conduct incident handling, including containment, eradication, and recovery, closing out reports and lessons learned, and escalating to specialized analysts or SOC managers during malware analyses or adversary hunt missions
- Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions into the network infrastructure, applications, and operating systems
- Collaborate with other teams to assess risk and enrich client alerts
- Collect intrusion artifacts, including source code, malware, and Trojans, and use discovered data to enable mitigation and threat intelligence discovery
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities, and make recommendations that enable expeditious remediation
- Stay up to date with current vulnerabilities, attacks, and countermeasures
- Goal is to be the best L3 analyst in their space
- Growth down the line
Must Haves
- In layman's terms, what does this person need to be doing in their job every day? What's the problem they are solving? Working with a leading biopharm company within their SOC, working on best practices & evolving technology
- What type of experience is needed and how does this experience translate to the actual role?
- EDR, SIEM, Proxy Analysis tools, cyber tools, etc.
- Top Must Haves
- Lead a SOC or small team
- How to triage in multiple endpoint detection tools
- Very thick skin & great comms skills
- 3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)
- CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA) (can speak the language - not required)
- Education: BA or BS degree or 4+ years of experience with equivalent Cyber work (ideally)
- Soft Skills: thick skin, no ego, ability to gauge when it is the right time to push back on leadership (HEADS DOWN BOOTS ON THE GROUND TYPE)
Nice to Haves
- Consulting experience, specifically at the "big four" (strongly prioritized)
- Biopharm experience
- Military background
- GIAC Certified Incident Analyst (GCIA)
- MS in Cyber Operations or related Cyber Security studies
- Splunk Core Certified Advanced Power User
- Analytic Path / Threat Analysis Endpoint
Resume:
- An IR person with experience in the Big 4 (Deloitte, EY
- Consulting / client facing experience
- How it affects the business / clients is a big plus
BioPharma Companies - nice to have
- Pfizer Inc. Pharmaceuticals and Healthcare
- Johnson & Johnson. Pharmaceuticals and Healthcare
- Merck & Co Inc. Pharmaceuticals and Healthcare
- AbbVie Inc
- Bristol-Myers Squibb Co
- Abbott Laboratories
- Eli Lilly and Co
Background
- Role/Position Background: IR Engineer 3 / SOC experience
- Years of Experience Needed: 3-5 years with a degree, 7+ without; not a leader / manager role
- Types of environments candidates should be coming from? Consulting / client facing
Selling points on position and team
- Working with leading biopharm client
- Brand new company with aggressive growth goals and future plans
Job Description
The Challenge:
Are you ready to take an active role in cyber defense? Are you looking for an opportunity to protect critical infrastructure from the constant onslaught of cyber attacks? If you want to challenge your skills and stretch your limits by analyzing cyber threats in real time, then come join our team.
As an analyst on our SOC team, you'll monitor and analyze threats, using state-of-the-art tools like Cortex XSOAR, CrowdStrike, FireEye, Tanium, Elastic, Splunk, Securonix, and ServiceNow.
You'll use your cyber security skills to:
- Dive deep into incident analysis by correlating data from various sources, determining if a critical system or data set has been impacted, advising on remediation, and supporting new analytic methods for detecting threats
- Conduct incident handling, including containment, eradication, and recovery, closing out reports and lessons learned, and escalating to specialized analysts or SOC managers during malware analyses or adversary hunt missions
- Review alerts to determine relevancy and urgency and communicate alerts to agencies regarding intrusions into the network infrastructure, applications, and operating systems
- Collaborate with other teams to assess risk and enrich client alerts
- Collect intrusion artifacts, including source code, malware, and Trojans, and use discovered data to enable mitigation and threat intelligence discovery
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts, correlate incident data to identify specific vulnerabilities, and make recommendations that enable expeditious remediation
- Stay up to date with current vulnerabilities, attacks, and countermeasures
You'll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You'll analyze incidents to figure out just how many systems are affected and assist recovery efforts. You'll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers' goals to stop them from succeeding. This is a great opportunity to build your cyber security skills with hands-on experience in threat assessment and incident response. Join us as we protect our clients from malicious actors.
Empower change with us.
You Have:
- 3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)
- BA or BS degree or 4+ years of experience with equivalent Cyber work
- CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA)
Nice If You Have:
- GIAC Certified Incident Analyst (GCIA)
- MS in Cyber Operations or related Cyber Security studies
- Splunk Core Certified Advanced Power User
Address: Siri InfoSolutions Inc, Charlotte, NC
Industry: Government