Lead SOC Analyst at TransUnion
What We'll Bring:
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation – we’re consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology.
What You'll Bring:
- 3-5 years of Network/Security/Incident Response experience.
- Advanced Operating System and Network knowledge.
- Experience identifying, investigating, and responding to complex attacks.
- Experience with investigative technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools.
- Knowledge of at least one scripting language.
- Any security-related certification(s).
- Ability to work independently as well as collaboratively within a team.
- Ability to quickly grasp high-level technical concepts.
- Good communication and interpersonal skills.
- SANS SEC503: Intrusion Detection In-Depth (nice to have)
- SANS SEC504: Hacker Techniques, Exploits & Incident Handling (nice to have)
Impact You'll Make:
- Analysis and ownership of investigations through remediation.
- Monitoring of infrastructure-related security events across the organization within a 24x7 support team.
- Work events escalated by Tier 2 analysts or high severity user reported events.
- Provide prolonged, in-depth analysis of potential intrusions or security events, leveraging various data artifacts to determine the context of an event.
- Hands-on security alert creation and maintenance, and workload automation.
- Maintain accurate and complete records of incidents and investigations.
- Execute incident response processes to respond to security threats and attacks.
- Create detection and mitigation rules based on indicators of compromise that align with industry threats.
- Assist in the design, evaluation, and implementation of new security technologies.
- Update incident response playbooks to minimize gaps in response processes.
- Extract and analyze malware to determine its nature. This may include either static code analysis or runtime/execution analysis or both.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.