Senior Soc Analyst

Description:

Senior SOC Analyst

Job Description

• Overview Responsible for creating, driving and executing standards, procedures, and processes that manage, mitigate, and reduce the risk of cyberattacks.
• Enable global Security Operations by participating in operations, development, and engineering.

What you will do If required,

• participate in a 24/7 on-call rotation, alert triage, investigation.
• Own and drive portions of one or more of the following functions: incident response, threat detection, offensive security.
• Drive and develop orchestrations and automations that reduce manual tasks Perform high-level instrusion and/or defensive analysis.
• Drive and deliver security related audit/compliance/risk-reduction efforts for the team.
• Drive and manage offensive and/or defensive security tooling development, testing, and management.
• Provide guidance to junior team members.
• Develop and and deliver metrics/reports at an Organizational and/or Company level.
• Determine and deliver logging requirements to better detect and respond to security threats.
• Deliver team level projects that drive down the overall risk and/or impact of a cybersecurity incident.

Qualifications

• 6+ Years of experience in one or more areas; incident response, security engineering, offensive security, threat emulation, penetration testing, or security operations.
• 3+ Years experience creating automation/workflows to scale security operations.
• 8+ Years of relevant experience preferred.
• Experience identifying and addressing telemetry gaps in security monitoring.
• Experience developing and supporting cybersecurity metrics and reporting to support security operations.
• Experience leading purple team exercises, including supporting risk hunting, telemetry validation and detection efficacy.
• Ability to lead complex incidents and evolve strategies based on new information.
• Advanced data analytical skills with the ability to investigate network, host, cloud and identity platforms.
• Ability to work independently within a globally distributed environment.
• Strong written and verbal communications skills with the ability to effectively collaborate with partner teams.
• Ability to quickly adapt to new methods, work under tight deadlines and stressful conditions.
• Ability to appropriately balance priorities, deadlines, and deliverables.
• Advanced investigative, analytical and problem solving skills.
• Advanced ability to set goals and handle multiple tasks, clients, and projects simultaneously.
• Ability to translate business needs and problems into viable/accepted solutions.

Technical Requirements:

• Windows, Mac, and Linux internals, Scripting (Powershell/Python/Javascript/Typescript), Forensic tools (FTK, Encase, X-Ways, SIFT), Cloud Computing (AWS), M365 Suite and ecosystem, Microsoft domain environments, IAM/AAA technologies and architectures (Active Directory, Okta, OpenID, SAML, Oauth, JWT), Physical and Virtual Networking technologies and architecture, SIEM (Splunk), EDR (CrowdStrike, Microsoft Defender)
• Experience with threat Intelligence Platforms and Feeds, Email security, DNS architecture and security required.
• Industry-level contributions (conferences, publications, tooling, seminars) preferred.
• Cloud Computing (GCP, Azure), Forensic tools (FTK, Encase, X-Ways, SIFT), Service Now preferred.
• Professional Industry certification preferred.