Soc Analyst

Job Description

Description The Information Security Analyst will work under the direction of IT Security management in the implementation and monitoring of security tools and infrastructure solutions. This mid-level hands-on role requires someone with 3 to 7 years of IT Security technical experience in a mid to large corporate environment. He/She will have a strong understanding of information security, Firewalls, Routers, Switching, IDS, SIEM, VPNs, Encryption, Vulnerability scanning, Virus and Malware, VLAN, AD, DMZ’s, Proxies, VMware and Access Control technologies. Primary Responsibilities IT Security - Monitor and analyze security alerts / logs and information, escalating as needed. Monitor and control access to secure data and segmented network environments. This individual will be responsible for conducting penetration tests and vulnerability assessments. Configure security devices and tools following management guidelines and vendor specifications. Test proposed security configurations and changes in the IT Security laboratory. Analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches. Conduct regular security vulnerability scans of wired & wireless network infrastructure and data. Recommend IT Security solutions as needed. Disaster Recovery - Assist the DR team in the DR process as needed. Provide IT Security support to the DR team as needed. Participate in quarterly DR tests. Reporting - Monitor, gather and report on IT Security related incidents and provide regular activity reports. Report on the status of Remediation work related to the implementation, change, retirement or upgrade of IT Security and DR controls and processes. Soft Skills This position involves a high level of interaction with all levels of the organization. The candidate must be able to multitask in a cooperative / collaborative multicultural environment and must be familiar with delivering security solutions following standards based frameworks (ISO 27000, NIST, COBIT or SANS) with clearly defined controls and processes. The ability to work on long term multi-stage projects will be crucial to his/her success as well as good verbal and written communication skills. Technical and Educational Experience Bachelor’s degree in Computer Science, Business Administration, or equivalent work experience. Minimum of 3 years’ experience in Information Security. Certifications, such as CISSP, CEH, GCFE, GPEN, GWAPT, CompTIA security, preferred or able to obtain within 9 months of employment. Experience with SIEM and Log management (Splunk, Syslog, Events Logs, ELK, etc.) Understanding of Automation and Machine Learning concepts Familiarity with security configurations for Microsoft Windows Networks – Microsoft Windows. Cisco Firewalls and Routers and Linux. Familiarity or hands-on experience with Nessus, Tripwire File Integrity Monitoring, IAM, WireShark, MS-Data Protection Manager, Next Generation AV tools, EDR.