Security Operations Center Analyst
Start a Rewarding Career with Alliant
What will your day look like?
You will be responsible for monitoring and responding to security events. The SOC Analyst receives, researches, triages, and documents all security events and alerts as they are received. The incumbent supports multiple security-related platforms and technologies, interfacing with others within the IT organization and other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third-parties, and other sources. The SOC Analyst also receives information sharing and analysis center (ISAC) information and is expected to hunt for potential compromise across the infrastructure. Resources to do the job require the ability to display an in-depth understanding of new trends and technologies related to IT security and compliance and contribute to the company IT security strategy and roadmap. General direction is received from the Senior Manager, Security Operations.
Responsibilities
Do you see yourself doing this?
- Monitor and process responses for security events on a 24x7 basis
- Participate in the execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention)
- Remain current and knowledgeable about new threats; analyze attacker tactics, techniques, and procedures (TTPs) from security events across an extensive heterogeneous network of security devices and end-user systems
- Ability to investigate network security incidents
- Leverage automation and orchestration solutions to automate repetitive tasks
- Assist with incident response as events are escalated, including triage, remediation, and documentation
- Aid in threat and vulnerability research across event data collected by systems
- Investigate and document events to aid incident responders, managers, and other SOC team members on security issues and the emergence of new threats
- Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships
- Share information as directed with other team members and ISACs
- Seek opportunities to drive efficiencies
- Manage security event investigations, partnering with other departments (e.g., IT), as needed
- Evaluate SOC policies and procedures, and recommend updates to management as appropriate
- Adhere to service level agreements (SLAs), metrics, and business scorecard obligations for ticket handling of security incidents and events.
- Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities
- Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security, and data networking, to offer global solutions for a complex heterogeneous environment
- Maintain working knowledge of advanced threat detection as the industry evolves
Qualifications
What makes you a great fit?
You’ll be a great fit if in addition to the completion of a High School degree or equivalent required, Bachelor’s degree preferred, and you have:
- Four years relevant technical experience preferred
- Experience driving measurable improvement in monitoring and response capabilities at scale
- Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP, and other network and system monitoring tools
- Knowledge of a variety of Internet protocols
- Working knowledge/experience with network systems, security principles, applications, and risk and compliance initiatives such as Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), and the General Data Protection Regulation (GDPR)
- Demonstrate highly effective communications skills with the ability to influence business units
- Demonstrate an analytical and problem-solving mindset
- Highly organized and efficient
- Leverage strategic and tactical thinking
- Work calmly under pressure and with tight deadlines
- Demonstrate effective decision-making skills
- Required certification SANS GCIH or GCIA; CISSP a plus
When you’re happy, we’re happy!
As a thank you for joining our team, you’ll benefit from:
- Competitive medical, dental, and free vision benefits
- Competitive compensation plan
- Contributions towards gym memberships
- Generous PTO and banking holidays off