Security Operations Center Analyst
: Job Details :

Our client, headquartered in mid-town NYC, and is seeking to fill the role of SOC Analyst. As a trusted outsource of managed IT services, the company is focused in serving medium-to-large enterprises, supported by a fully-protected meshed network, Cyber-Defense (Compliance) protection, Cloud (private and public) services, and Next-Gen VoIP Telephony/UC capabilities.The primary focus of this position is to evaluate alarms and to act as a triage specialist. This involves reviewing alarms that are coming through the system to determine the levels of urgency. The SOC Analyst I will create tickets signaling a potential cybersecurity notification/event, then escalates to a tier II analyst to review. Some management of security monitoring tools will be expected.The position will be responsible for consulting our clients in a wide range of security domains, including penetration testing, vulnerability assessments, information security assessments, and network security. Maintaining proficiency in and awareness of security services, industry trends, tactics, techniques and procedures are expected. This individual serves a key role in providing a holistic view of an organization's IT security preparedness and response to cyber threats.Duties and responsibilities include, but are not limited to:- Administers information security controls and software such as endpoint protection, endpoint detection and response, intrusion detection/prevention (IDS/IPS), security incident and event management (SIEM), data loss prevention (DLP), and physical security systems- Responds to, investigates, and analyzes security events to determine appropriate actions- Analyzes security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning- Gathers information from other IT staff and non-IT staff to obtain information regarding security problems to networks, servers, endpoints, and applications- Performs incident response activities and ensure that proper protection or corrective measures have been taken when an incident has been discovered- Expected to stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies- Provides insight and participate in security projects to evaluate and recommend security products for various applications and platforms throughout the organization while supporting business initiatives- Assists with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOP)- Improves security efficiency and streamline/automate work processes while working collaboratively with other team members and IT staff to accomplish objectives- Participates, as needed, in critical incidents and implementation reviews- May serve as a backup to other critical security positions- Additional responsibilities as identifiedRequirements: - Highly motivated to work in information security- 3+ years of experience in computer security, network security, or information security operations- Bachelor's degree in Information Technology or related field preferred; work experience and background will be considered in lieu of formal education- The desire to continuously improve processes and procedures and share information with the team- Experience with a Security Incident and Event Management (SIEM) tool is a plus- Experience with Endpoint Security tools is a plus- Incident Response, Forensics, and Malware Analysis experience is a plus- Strong knowledge of information systems security concepts and current information security trends and practices- Working knowledge of infrastructure security tools such as firewalls, network security monitoring, anti-malware, OS hardening, and so onFull comprehensive benefits plan