Lead SOC Engineer Opportunity

Staffing Science company


Lead SOC Engineer in United States

Remote 3 hours ago

Our client is an enterprise company with 12k+ employees across the globe and is headquartered here in the US.


This role is 100% remote, but the candidate must be based in one of a few selected US states. All candidates must live in / have residence in one of the following states:

(Arizona, Nevada, Illinois, Indiana, Iowa, Kansas, Louisiana, Mississippi, Ohio or Pennsylvania)


Must be a US Citizen: the company is subject to federal regulations and requires a longer background check.


The ideal candidate has 7+ years of SOC IR experience within an enterprise, compliance-focused organization. Ideally, this individual has lead experience and is also very familiar with Splunk and automation. They should also have good work tenure throughout their career, have great communication skills, be a US Citizen, and live in one of the states listed above.


Responsibilities

  • Developing and mentoring the SOC L1 – L3 Security Analysts, ensuring processes are followed, updating and creating new processes as needed, setting and tracking metrics, and driving new detections/use cases from the SOC Analyst perspective
  • Serve as an escalation point of contact for L1, L2 and L3 Security Operations Center (SOC) analysts
  • Work collaboratively with multiple teams as well as subject matter experts to include threat hunters, counter-threat Intelligence analysts, incident responders and forensic investigators
  • Stay current with and remain knowledgeable about new threats. Analyze threat actor tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems
  • Utilize security models and frameworks for documenting and tracking purposes
  • Leverage automation and orchestration solutions to automate repetitive tasks
  • Assist with incident response as events are escalated, including triage, containment, remediation and documentation
  • Collaborate with the owners of cyber defense tools to tune systems for optimum performance, to maximize detection and prevention effectiveness, and to minimize false positives
  • Work alongside other security team members to search for and identify security issues generated from the network, including third-party relationships
  • Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats
  • Coordinate with all relevant personnel to obtain pertinent vulnerability information and findings
  • Stay abreast of all current and new vulnerabilities and which cyber actors have exploited them


Minimum Requirements

  • 5-7 years of information security monitoring experience.
  • Experience working in a 24x7 operational environment, with geographic disparity preferred.
  • Experience working with SIEM systems, Endpoint Detection and Response (EDR) solutions, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), Data Loss Prevention and other network and security monitoring tools.
  • Experience with security monitoring controls, methodology, and event remediation/resolution.
  • Take ownership of the team's infrastructure making sure it is up to date and operating as expected.
  • Be involved in the evaluation and design of new tools
  • On-board security log data and tune the SIEM platform.
  • Extend functionality of tools by deploying API integrations and automation tasks
  • Develop detection strategies and deploy alerting to identify malicious activity
  • Assist with the team's main responsibilities by contributing during triage and incident response.
  • Participate in and lead training activities, working groups and knowledge sharing with other members in the team
  • Proven experience as an engineer working with cyber security-related infrastructure and tooling
  • Cloud Security knowledge
  • Bachelor's degree preferred
  • Security Certs are great too (CISSP, CEH etc)


