The SOC L2 Analyst position is a valued member of the Information Protection and Risk Management team.
The Analyst is part of the SOC (Security Operations Center) team and works closely with other members of the IPRM program to develop and implement a comprehensive approach to the management of security risks.
This role is responsible for working with other Security Operations Center team members in responding to security events according to established policies and best practices.
Job Responsibilities
First level response for real time security alerts and events
Assist the Incident Response team in handling security events / incidents
Perform complex security investigations and root cause analysis
Data mining through use of SIEM or other data analytics solutions
Perform phishing investigations and response
Report generation around security events and metrics
Ensure that all security events are properly documented/tracked to meet audit and legal requirements
Develop documentation in support of response processes and/or procedures
Determine level of event severity and escalate as necessary
Qualifications
Azure/AWS security, GCIA, GCIH, or other GIAC certifications preferred
Practical understanding of network protocols and operating systems
Broad understanding of security mitigation solutions at all layers
Minimum Of Four Years Information Security Specific Experience
Bachelor's degree in information systems or equivalent experience
Ability to analyze large data sets to identify trends/anomalies indicative of malicious activity
Good understanding of application logic flow
Understanding or background in code development
Awareness of the current threat landscape
Self-driven and motivated with a strong passion for cybersecurity
Excellent verbal and written communications skills
Excellent problem solving and troubleshooting skills with a strong attention to detail
Ability to interact with personnel at all levels across the organization and to comprehend business imperatives
Ability to thrive in a fast-paced environment and capable of working under pressure
Experience in Security Operation Center/Incident response;
Splunk practical experience.
Good Communication Skills
customer facing calm even demeanor when challenged, proactive, team player who works well with others and work well collaboratively.
Able to challenge respectfully and look for opportunities for continuous improvement.
Call Notes
Top Skills:
SOC, Incident Management, Incident Response,
Certifications
GCIA, GCIH, GIAC, would be plus however its optional
Excellent Communication skills
Incident response issue main thing needed
Splunk any other tool is fine
Experience with any ticketing system is fine
Data recovery good to have
Financial background is good to have
Experience 4 minimum
Look for mid to senior roles
Data mining exp not necessary for this role
Seniority level
Entry level
Employment type
Contract
Job function
Information Technology
Industries
Staffing and Recruiting
Referrals increase your chances of interviewing at ICONMA by 2x