SOC Analyst – 1st Shift-INF0001ZJ
Job Summary
Individual contributor for first shift (US morning hours) focused on proactively finding adversary activity in the network, with the goal of discovering intrusions before the adversary completes their mission. The ideal candidate would have skills and experience in log analysis, network traffic analysis, and the MITRE ATT&CK framework.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
- Conduct real-time and historical analysis using the full security suite owned by CNA including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response, Intrusion Detection Systems, Email Gateway, Web Content Filtering & Identity Management technology.
- Conduct incident response triage analysis on suspected hosts to determine whether an attack is ongoing and what its scope is.
- Stay on top of the latest attacker tactics, techniques and procedures to discover sophisticated threats in the network.
- Collaborate with SOC, Intelligence, Incident Response and Enterprise Security Teams for incident investigations and hunt missions when possible.
- Identify visibility gaps in the network and recommend solutions.
- Manage day-to-day activities of the SOC Team regarding: Security Monitoring, Investigations and Response, and Threat and Vulnerability Intelligence.
- Coordinate escalation of advanced forensics, malware reverse-engineering, and additional host review tasks to third-party vendors.
- Articulate security incident details to business stakeholders and non-technical individuals.
- May perform additional duties as assigned.
Reporting Relationship
Typically Director or above
Skills, Knowledge & Abilities
1. Solid understanding of security policy construction and publication.
2. In-depth knowledge of regulations (e.g., SOX, privacy) and internal controls as they apply to IT.
3. Ability to influence change in corporate understanding and adoption of information security concepts.
4. Proven analytical and problem-solving skills.
5. Excellent communications and interpersonal skills and the ability to work effectively with peers, IT management and staff, and internal/external business partners/clients.
6. Ability to manage various technical projects to completion.
7. Advanced computer skills, including the Microsoft Office suite and other business-related software systems. Other technologies will apply depending on the business area supported.
8. Insurance industry knowledge preferred.
Education & Experience
1. Bachelor's degree in Computer Science, or related discipline, or equivalent work experience.
2. Typically a minimum of seven years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination.