SOC - 3rd Shift

Qualifications

• 7+ years of proven experience in a SOC Analyst role
• 10+ years working in the Cybersecurity Domain, securing enterprise-level networks
• Industry certifications such as CYSA+, CEH, OWASP or GIAC certifications (preferred)
• Bachelors degree in Cybersecurity or related field (Master’s preferred)
• Advanced proficiency in security tools, including SIEM (Splunk or Devo), EDR (Carbon Black or CrowdStrike), IDS/IPS, and threat intelligence platforms.
• Excellent analytical, problem-solving, and communication skills
• Advanced experience with SIEM administration, including watch list creation, alerting tuning, threat feeds, use case development, and case/incident management.
• Proven experience working with leading EDR solutions, CAS, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP), DAM (Database activity monitoring)
• In-depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers /Switches management, Firewall Management, SANS/NAS, Web servers, IAM/AAA, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools.
• Ability to analyze possible attack activities such as network probing/ scanning, DDOS, malicious code activity, and possible abnormal activities, such as worms, Trojans, viruses, etc., and coordinating remediation actions as necessary.
• Understanding and working knowledge of MITRE ATT&CK Framework and security forensics.
• Experience with security industry standards and best practices. Proven experience with the interpretation and implementation of those standards in a corporate environment.
• Strong knowledge of cybersecurity frameworks, regulations, and compliance standards (e.g., NIST, ISO 27001, FERPA)
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards, as well as risk-related concepts, to technical and non-technical audiences at various hierarchical levels.
• Understanding of network devices such as routers and switches. TCP/IP knowledge
• Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns.
• Ability to work effectively under pressure and in a fast-paced environment.