Security Operations Center Analyst Job Number: 24-01924 Eclaro is looking for a Security Operations Center Analyst for our client in Remote, NY. Eclaro's client is a major technology firm with a prominent presence in large and fast-growing markets, providing products and services that enable businesses and economies to thrive. If you're up to the challenge, then take a chance at this rewarding opportunity! Position Overview:
- Will be a member of a dedicated security team within client. In this role, will support a dedicated 24x7x365 operation for a client program.
- Responsible for monitoring for alerts for potential threats and security anomalies, analyzing content of those alerts and providing a written analysis for each.
- Work closely with Tier 2 SOC analysts who will serve as their escalation point.
Responsibilities:
- Specific job duties include:
- Perform Security Monitoring, Analysis and Response
- Support incident investigations, response, and reporting
- Security Reporting
- Vulnerability Analysis
- SOC ticket queue management
- Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed
- Analyzing system and network logs for security events, anomalies, and configuration issues.
Required Experience:
- Experience working with SIEM technology to monitor and manage security events.
- Background in incident response, system/network operations and threat intelligence.
- Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability Scanners, and Threat Intelligence Platforms.
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
- Experience SOC operations including but not limited to: Alert and notification activities- analysis / triage / response, Review and action on Threat Client for IOCs and other operationally impactful information, initial review and triage of reported Incidents
- Experience and ability to use and follow Standard Operating Procedures (SOPs)
- In-depth experience with processing and triage of Security Alerts; from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Client Sources
- Experience and solid understanding of Malware analysis
Requied Skills:
- Understanding of possible attack activities such as network reconnaissance probing, DDOS, malicious code activity, etc.
- Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response
- Demonstrated experience with triage and resolution of SOC tasks; including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis
- Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources
- Demonstrated experience of the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools
- Demonstrated proficiencies with an enterprise SIEM or security analytics solution including the Elastic Stack or Splunk.
- Solid understanding and experience analyzing security events generated from security tools and devices not limited to: CrowdStrike and Palo Alto
- Understanding of security incident response processes
- CEH , CFR , CCNA Cyber Ops, CCNA-Security, CySA+ ** , GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+
- Understanding and experience with Federal Security Standards such as NIST and DoD
- Understanding and experience with FedRAMP Cloud Security Requirements
If hired, you will enjoy the following Eclaro Benefits:
- 401k Retirement Savings Plan administered by Merrill Lynch
- Commuter Check Pretax Commuter Benefits
- Eligibility to purchase Medical, Dental & Vision Insurance through Eclaro
If interested, you may contact: Melissa Francisco ...@eclaro.com 646####### Melissa Francisco | LinkedIn Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.