Security Operations Center (SOC) Analyst - RT

Absolute Opportunities
Hopkins, Minnesota, 55343, United States
February 14, 2018

Position Purpose:

We are seeking an exceptional Junior Analyst for our world-class Security Operations Center (SOC), which handles cyber security alerts and incidents originating from multiple sites. As a part of our Cyber Security Incident Response Team (CSIRT), s/he will serve as the first line of defense, responsible for detecting and investigating cybersecurity threats to the Enterprise. This role provides an opportunity to work with advanced Network and Endpoint Detection and Response tools in support of a comprehensive cybersecurity program. We are looking for someone who is driven by the challenging demands of cybersecurity defense and seeks out new opportunities to develop technical acuity. If you are innovative and eager to learn in a rapidly evolving field, this is the place for you. This position will support the 24/7 coverage of Security Operations, working the 11am – 7pm shift either Tuesday – Saturday or Sunday – Thursday.

Principal Accountabilities:

70% Monitoring and Operations
• Perform real-time proactive security monitoring, detection and response to security events and incidents within the Enterprise Network
• Conduct thorough investigation of security events generated by our detection mechanisms such as SIEM, IDS/IPS, AV
• Utilize advanced network and host forensic tools in order to triage and scope an incident
• Categorize the events and raise necessary incidents after thorough quality check of the event

20% Collaboration
• Work closely with L2 and L3 Support and provide adequate information required for resolution
• Collaborate with the Cyber Security Incident Response Team on maintenance and fine-tuning of security platform functionality
• Collaborate with our Technology Governance, Risks, and Controls organization to integrate further datasets

10% Research
• Maintain situational awareness of the latest cybersecurity threats, vulnerabilities and mitigation strategies

Required Knowledge, Skills, and Abilities:

1. 1 or more years of experience in triaging information security alerts from tools like SIEM, DLP, Proxy and other CND security tools

2. Working knowledge of Windows and Linux OS to include experience working in the command line interface

3. Basic understanding of: Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, Intrusion Detection/Prevention Systems, Antivirus Systems, Data Loss Prevention and Vulnerability Assessment tools; SIEM tool functionality and the logic behind creating rules and filters, including integration with different solutions (e.g. AV software, IDS, IPS); network protocols, services, network vulnerabilities and attack patterns

4. Knowledge of various cyber-attacks and recent hacking techniques

5. Possession of excellent analytical skills

6. Strong oral and writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports.

7. Ability to manage multiple tasks, priorities, and operational assignments in a high pressure environment.

8. Bachelor’s degree in Information Technology, Information Assurance or Computer Science, or Master’s degree in Information Technology, Information Assurance or Computer Science

9. Industry-recognized Information Security Certifications, including SANS GIAC Certifications, ideally GCIH, GCFA, GREM, CISSP, Security+

10. Present Salary?

11. Salary Expectation?

12. Must be a US Citizen or Green Card holder?