Cybersecurity SOC Analyst

Posted June 06, 2022
Apply: PGTEK


Working with a team of Incident Responders and Threat Intel analysts, you shall be responsible for not only remediating high severity security incidents but also playing a role in expanding initiatives like Threat Hunting and Threat Intelligence. You get to do all this while enjoying the company of team members in a culture where new ideas and calculated risks are strongly encouraged and appreciated.

Key Job Responsibilities
The Cybersecurity SOC Analyst must have significant experience in the security field with proven technical skills and experience in researching, validating, and responding to advanced threat actors. The ideal candidate will be a Subject Matter Expert in Cybersecurity Threat Detection and Analysis & Incident Response. In this role, the candidate will leverage all available data sources, security tools, and threat trends and, combining security monitoring and analysis techniques, will identify attacks against the organizations. Such efforts are intended to determine the source of the threat, the extent to which client assets have been compromised, and recommendations for and assistance with remediation.
  • Conduct advanced technical investigations for critical incidents paying attention to the specific analysis and fast remediation advice with a focus on improving the customer security posture
  • Conduct analysis of infected hosts or analyze network traffic to identify attacker activity
  • Handle specific forensic and malware analysis, as well as complex log analysis requests
  • Perform event correlation review through incoming data feeds, ticketing systems, and security alert mechanisms
  • Provide context on complex security incidents from Customer and other available resources, collect and assemble data, as well as contribute to technical reports
  • Utilize in-depth technical knowledge to design procedures for the detection of threat actor's behavior, as well as develop and implement standard technical procedures (runbooks) to be used by the Security Monitoring team for day-to-day operations
  • Perform Event Stream tuning utilizing internal tools, metrics, and experience involving key security concepts for systems efficiency
  • Review security-related events assess their risk and validity based on available network, endpoint, and global threat intelligence information
  • Research and make recommendations for applying MITRE ATT&CK and NIST framework-aligned strategies to the Customer's environment
Essential Requirements:
  • Multiple security certifications such as:
  • SANS GCIA, GCIH, CEH, ECSA, CISSP, Security+, etc
  • GREM, GCFE, OSCP (Threat Hunting specialist)
  • Typically requires 5+ years of related experience in a professional role
  • Solid knowledge of Incident Response, Traffic and Malware Analysis, Forensics, and analysis of security and infrastructure logs
  • Experience with Microsoft, Carbon Black, Secureworks, or Crowdstrike EDR/XDR toolsets
  • Understanding of SIEM, Vulnerability Management, Endpoint Security solutions, Linux and Windows operating systems, Honeypots, Sinkholes, and Malware Sandbox Technologies
  • Threat Hunting Experience
  • Incident Response Understanding
  • Understanding of threat intelligence and threat modeling concepts
  • Experience in working with ticketing systems, escalations and crisis situations, and continual service /operational improvement
  • Advanced knowledge of cybersecurity components, principles, practices, and procedures
  • Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
  • Ability to research targeted threat groups and their tactics, techniques, and procedures (TTP)
  • Experience in conducting network traffic analysis and the detection of malicious code on endpoint systems
  • Ability to clearly communicate complex messages to a variety of audiences, and strong written and verbal presentation skills
  • Organizational awareness - understanding of organizational dynamics and the interactions among different stakeholders
  • Strong sense of tolerance of change, uncertainty, and urgency, and the ability to work under pressure
EOE, including disability/veterans