SOC Analyst L2

3Columns is a specialist cybersecurity firm that delivers a wide range of services, including security assurance, security governance, professional services, and managed services. Solutions include managed security services, offensive security services, cybersecurity consulting, and professional services to assist customers in deploying all the required controls. The core services delivered by the SOC are Managed Detection and response and Incident Response.

About the Role:

3Columns is seeking a SOC Analyst to join their team remotely. They will be responsible for expanding the business by delivering outcome-based engagements to various clients and proactively improving the Managed SOC and SIEM capabilities within the organizations they are engaged with. The SOC analyst will work with the team to assist clients in investigating the logs, creating playbooks, and proactively notifying the customers. Have experience or understanding of a wide range of technologies such as Office365, InTunes, MS Defender, Rapid7 SIEM, Vulnerability Management, Mimecast, CrowdStrike and SentinelOne to support the business and help drive the success of organizational business strategies. The successful applicant will become integral to each client's cybersecurity strategy, developing strong relationships and becoming a trusted partner within each organization.

To be successful in this role, you will have the following:

• Minimum of 4 years of experience.
• String experience with investigation and Incident handling.
• Strong Log analysis capability.
• Experience with investigations related to Malware alerts, Phishing emails, Suspicious logins, etc.
• Experience in security tools and technologies such as SIEM, IDS/IPS, Firewalls, and Vulnerability Management
• Experience in scanning for vulnerabilities
• Hands-on practical knowledge of EDR such as MS Defender, CrowdStrike, SentinelOne
• Understanding of MITRE attack framework and related Techniques.
• Some understanding of Digital Forensics or desire to learn the technology.
• Good understanding of SIEM solutions such as Rapid7, Azure Sentinel, Wazuh or Graylog.
• Desire to excel in career and learn new tools and technology

Personal Skills

• Must be forward-thinking in terms of vision for the business and team culture.
• Come up with innovative ideas to deliver services to the customer
• Ability to speak about security and recommend security controls to experienced security professionals and executives confidently and accurately.
• The ability to work as part of a team.
• Flexibility and motivation to work across various types of engagements.
• The ability to multitask and service multiple clients at once.
• Is detail-orientated, self-motivated and can work independently.