
Sr. SOC Analyst

Job Description

Top Skills Details

1. Senior SOC experience. Ability to respond to and remediate escalated security alerts across a number of technologies, including SIEM, network, server, and endpoints, and to communicate across teams to respond to these alerts in a timely fashion.

2. Ability to choose new security technology, and an understanding of the selection process from beginning to end. This includes making recommendations to leadership, writing a scoping document, getting trial licenses, etc.

3. Malware and incident response experience. (Carbon Black in house)

Our client is looking to add a security analyst to their team. This person will report to the SOC Manager, will be on the SOC team, and will resolve elevated alerts handed over from junior analysts. The person will focus on threat detection and remediation. This company currently uses Carbon Black, so prior experience administering this tool would be great but is not necessary coming in. General security analysis experience is required for this role. This is an enterprise organization with facilities around the globe. This is a great opportunity for an individual to get their foot in the door on a tight-knit, highly skilled security team. There are a lot of skilled people to learn from.

***Client Job Description***

Responds to elevated alerts after being given a synopsis from lower-level analysts. Establishes rapport with all teams across a global environment, in some cases where English is a second language. Interacts closely with the infrastructure (server) team, global network team, and desktop support teams to ensure alerts are fully remediated. Requires excellent communication skills in writing and speaking. Must be able to investigate all aspects of an incident from detection, and respond while analyzing each stage of the attack lifecycle being investigated. Must be able to recognize and evaluate the risk severity rating beyond the level already indicated by lower-tier analysts. Triages more critical risks readily and is available for 24/7 on-call support after hours. Must be able to write up incident response notes and full detailed reports on events after the investigation is complete.

Familiarity with SIEM, endpoint, network intrusion prevention, firewall, proxy, WAF, and SOAR technologies while responding to alert tickets. A good understanding of network layouts, protocols, and investigation tools such as WMIC, bash, DOC, and PowerShell commands. Familiarity with Windows Active Directory infrastructure, organizational units, access control (rights and permissions), group policy objects, and more. Firm understanding of network subnetting, VLANs, and typical TCP/IP and other protocol network troubleshooting and investigative commands like tcpdump. Ability to implement and read network packet captures using tools like Wireshark. Familiarity with threat actors and their motivators, the dark web, malware constructs and threat vectors, and the ability to recognize abnormal file system and network behavior.



The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please call 888 472-3411 or email accommodation@teksystems.com for other accommodation options.


Job Snapshot

Location: US-NC-Winston-Salem
Employment Type: Full-Time
Pay Type: Year
Pay Rate: N/A
Store Type: Information Technology

Company Overview

TEKsystems, Inc

We’re partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services and real-world application, we work with progressive leaders to drive change. That’s the power of true partnership. TEKsystems is an Allegis Group company.

Contact Information

US-NC-Winston-Salem
R. Pena