SOC Analyst

Central Standard Talent is growing. We are looking for **Security Operations Center Analyst **.

Your role as a SOC Analyst is to build out and support the 24X7 monitoring operations and response to cybersecurity threats to protect data and assets. Proactively identify and assess threats to its users and systems, monitor its network for malicious activity, investigates intrusions and other relevant events, and maintain a detailed understanding of the evolving threat landscape.

**Responsibilities**:

- Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
- Perform analysis and correlation of logs/alerts from security instrumentation
- Detailed analysis and strong understanding of attack vectors, persistence mechanisms, and detection avoidance tactics
- Perform proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events
- Manage security incidents following documented Incident Response plans and playbooks
- Identify and onboard necessary log sources to ensure visibility across the enterprise
- Identify and implement security use cases and correlation rules
- Create dashboards, reports, and metrics
- Using tools such as EDR, AV, SIEM, IPS/IDS, HIDS, and other security systems as necessary
- Recommend implementation of counter-measures or mitigating controls
- Assist in vulnerability scanning and remediation management
- Assist in cloud security compliance scans and remediation management
- Regularly check the work queue for incoming assignments and complete all work daily and respond to work queue items utilizing pre-defined procedures

**Qualifications**:

- 3 years of experience as a SOC Analyst, Security Content Developer and/or Security Engineer
- Ability to understand systems quickly, and translate understanding into logic to detect anomalies with the system
- Experience with SIEM/MDR/XDR tools including deployment and management
- Deep understanding of Incident Response framework, root cause analysis
- Understanding of Linux, Windows, and Mac security concepts
- Knowledge of networking protocols and services such as HTTP, SSH, LDAP, FTP
- Working knowledge of Amazon Web Services (AWS) and Azure
- Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
- Working knowledge of vulnerability management processes and tools (e.g. Tenable/Nessus, Qualys)
- Must understand exploits, vulnerabilities, network attacks
- Previous experience with NIDS, HIDS and WAF desired
- Python/scripting and automation experience preferred
- Attention to detail
- Bachelor's degree in STEM fields or equivalent work experience

We will help you to be successful in your role by providing relevant training on security and technologies, supportive environment, and providing opportunities to take on new responsibilities in other areas of the security program.