Job Description-SOC Analyst
Cyber Chasse Inc has open positions for incident responders and network security monitoring analysts in a 24x7x365 Security Operations Center (SOC). Responsibilities will include, but not be limited to cyber/network security analysis, monitoring and incident response.
Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events. Candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem-solving skills and allow for flexible scheduling. The SOC Analyst must be competent to work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.
- Performs network security monitoring and incident response for numerous clients.
- Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
- Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
- Creates, modifies, and updates Security Information Event Management (SIEM) rules.
- Recognizes potential, successful and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
- Evaluates/deconstructs malware (e.g. obfuscated code) through open-source and vendor provided tools.
- Communicates alerts to clients regarding intrusions and compromises to their network infrastructure, applications, and operating systems.
- Prepares briefings and reports of analysis methodology and results.
- Creates and maintains standard operating procedures and other similar documentation.
- Consolidates and conducts a comprehensive analysis of threat data obtained from classified, proprietary and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
- Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
Qualifications,Education and Core Competency Requirements
- 0-2 years of related experience in information technology and/or information security preferred.
- Willingness to learn and continually improve skills to ensure the success of the business and its objectives.
- Excellent analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members, and upper management
- Good understanding of cyber security incident response and network security monitoring
- Fundamental understanding of computer networking (TCP/IP), knowledge of windows, Linux and cisco operating systems and information security;
- Knowledge of intrusion detection systems (ids) and SIEM technologies;