SOC ANALYST
BOSTON, MASSACHUSETTS (HYBRID - 2 DAYS WORKING ON-SITE)
NEGOTIABLE SALARY
Our client is a global leader in the Cyber Security space, based in Boston, USA and they are looking for SOC Analysts with experience of working for an MSSP to join their growing team of cyber professionals on a full-time, permanent basis, with a view to starting in early 2025.
RESPONSIBILITIES
The Security Analyst is responsible for providing security support as a member of the IT Security team. This includes the primary responsibility of monitoring and providing ticket responses for the entire Group enterprise as it relates to security.
Activities shall encompass ServiceNow ticket review and resolution/escalation. In addition, analysis and response of user-reported Phishing emails, troubleshooting and reporting, escalating and coordinating activities related to security issues.
This includes incident response activities, when necessary, in coordination with our Incident Response Plan (IRP). Other IT security responsibilities include Web Content Filtering, Microsoft Defender ATP, Carbon Black Protection (Bit9) and other security-related product support, as well as support to end-users.
Essential Duties
- Monitor, analyze, and troubleshoot system/application/network activity using a variety of tools including but not limited to:
- SIEM
- Endpoint Detection & Response Tools
- Application Whitelisting
- Endpoint and Network Monitoring
- Act as the first responder to tier 1 and tier 2 tickets and escalate as needed
- Monitor and analyze endpoint behaviour as related to security
- Coordinate all work through the use of a designated ticketing system (currently ServiceNow)
- Provide after-hours support as necessary
- Analyze SOC tickets and respond/escalate as needed
- Communicate and coordinate with disparate technology groups to facilitate troubleshooting efforts
- Provide support for cyber security with security incident investigations and corrective actions
- Augment the IT Security team to provide communications to the customer and senior management, and coordinate efforts among various IT Groups
- Assist in shifting non-security workloads to other IT teams
Skills, Knowledge & Abilities
ESSENTIAL
- 3 years+ experience in a SOC role working for an MSSP.
- Strong EDR & SIEM experience
- Attentiveness to detail, well-organized, and managing time efficiently
- Great teamwork and ability to communicate with others including non-technical users
- Familiarity with the MITRE ATT&CK Framework
- Knowledge of common Threat Actors, and related TTPs (LOLBIN's, etc.)
- Experience with triaging security alerts and incidents end-to-end
PREFERRED EXPERIENCE
- IR and/or Threat Hunting Experience
- Experience with some scripting technologies (PowerShell, Python)
- Familiarity with cloud technologies (Azure)
- Familiarity with Active Directory
***Due to the Christmas period, applications will be reviewed w/c 6th January 2025***