SOC Analyst

Position Summary/Purpose:

The SOC (Security Operations Center) Analyst within IT Security, serves as the tip of the spear for Security Operations, by triaging alerts and identifying potential attacks to escalate to Incident Response (IR).  They will also serve as the interim IR first line of defense until an IR expert or Engineer is on the line and able to assist, up to and including the authority to contain and isolate a potential attack. Finally, an effective SOC Analyst is deeply knowledgeable about security intelligence and is able to respond to a wide range of security alert sources using tools such as SIEM, SOAR and NDR – able to create searches, correlations and detections. 

Primary Responsibilities /Accountabilities/ Essential Functions:

1. Respond to alerts, triage potential incidents and escalate or resolve as appropriate.  

2. Understand the basics of key security controls including WAF, NGFW, NGAV, EDR, CASB, IAM, UEBA, DLP, NDR, UEM and SIEM and how to respond to incidents from these technology platforms.  

3. Communicate alerts regarding intrusion and compromise attempts against the network infrastructure, applications, and operating systems along the escalation path to IR and Engineering or to Management as appropriate. 

4. Coordinate with end-users and business contacts to help triage and resolve issues. 

5. Other duties as assigned. 

Equipment Used and Responsibility

• SIEM
• SOAR
• Cloud WAF
• NGAV
• EDR
• NDR
• CASB
• NGFW

Supervisory Responsibilities

Informal mentorship.

Experience/  Education

• Bachelors or Associates degree in Computer Science, Information Systems or related field or equivalent work experience strongly encouraged.
• Requires 1-3 years of relevant IT operations and/or IT security experience (internship experience will be considered).
• Professional certifications are not required; however, preference may be given to candidates with one or more relevant certifications such as Splunk, Crowdstrike, Security+, CISSP, CISA, CISM, GIAC, GSEC, CEH, CNA/CCNP, CCSP, MCSE.  Specific vendor/product certifications are a huge plus. 

Physical Requirements:

• Sitting:      6-7 hours a day
• Standing:  1-2 hours a day
• Walking:   1-2 hours a day
• Lifting:      Occasionally
• Carrying:   Rarely
• Pushing:    Rarely
• Bending:   Rarely
• Squatting: Rarely
• Kneeling:     Rarely
• Climbing:    Rarely
• Reaching:    Occasionally
• Grasping:     Frequently
• Fine Eye to Hand Coordination:  Continuously
• Driving:       Rarely
• Work Environment:  Office building on site.  Work is performed primarily inside, subject to variations in temperature and weather, equipment noise and dust.