Sr. SOC Analyst JD:
Senior level SOC analyst, mentoring three junior analysts. Develop and maintain SOC processes, playbooks, and standard operating procedures to ensure consistent and effective response to security events.
Monitoring and analysis of security events to detect and respond to threats. Ensure timely and effective responses to security events, including root cause analysis, containment, eradication, and recovery. Coordinate with other departments, ensuring clear communication and alignment.
Collect and analyze forensic artifacts, including memory and disk images to identify malicious activity. Gather evidence for legal and investigative purposes.
Continuously improve SOC operations by evaluating and implementing new tools, technologies, and methodologies. Automate workflows using PowerShell, regular expressions, and API.
Integrate threat intelligence into SOC operations, ensuring that the team is aware of and prepared for emerging threats. Oversee the creation and refinement of detection rules, ensuring they are aligned with MITRE ATT&CK Framework. Lead efforts to identify gaps in monitoring and develop strategies to enhance detection capabilities.
Work closely with the IT and cybersecurity teams to ensure alignment on security strategies and initiatives
- 7+ years of security operations experience
- Proficiency with Splunk SPL, PowerShell and API
- Knowledge of network and endpoint security, threat intelligence, and vulnerabilities
- Knowledge of sandbox and malware analysis
- Understanding of TCP/IP, firewalls, IPS and networking
- Certifications such as CISSP, CISM, GIAC Security Operations Certified
- Pragmatic problem solver and organizer
- High level of integrity, professionalism, and attention to detail
- Ability to communicate complex security issues to peers and management alike
