Description:
YOUR IMPACT
- Analyze Endpoint Detection and Response (EDR), Network, Cloud and other traffic and log data within a SIEM for potential threats or vulnerabilities.
- Perform monitoring, identification, investigation, documentation, resolution, and reporting of security events through prioritization of events based on risk/exposure, SOP and directives.
- Generating tickets and incident reports to external clients and Tier 3 analysts.
- Develop processes that align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center.
- Create custom content to enhance capabilities of security operations Center.
- Create custom analytics, dashboards, and reports.
- Respond to customer and Tier 1 escalations within target objectives.
What The Role Offers
Work closely with SOC teams, security engineering, and other stakeholders to share insights, collaborate on investigations, and improve detection and response capabilities.
Provide technical guidance and mentorship to L1 analysts and contribute to knowledge-sharing initiatives.
What You Need To Succee
- Bachelor’s degree in computer science, Cybersecurity, or related field; relevant industry certifications (e.g., CISSP, GIAC) preferred.
- Proven experience in a SOC (MSSP preferred)
- Experience with Endpoint Detection and Response (EDR) tools.
- Experience with an industry leading SIEM tool.
- Understanding of key IT/Cybersecurity concepts (Network Security, Security Operations & Administration, Managed Detection and Response, Incident Response & Recovery, Vulnerability Management, etc.)
- Good interpersonal skills to interact with customers, team members and support personnel.
- Strong analytical and problem-solving skills for investigating security issues.