Active Cyber Defense SOC Analyst (Level 1 / Level 2)

The SOC analyst will analyze security alerts and events from the Evolved Cyber Solutions ACD platform. You will be responsible for analyzing, identifying and eliminating customer security alerts.

You will require good analytical skills, good communication skills (written and verbal) and excellent technical skills.

The key differentiators between Level 1 and Level 2 analysts are primarily depth and breadth of knowledge and experience. Individuals with more experience and broader knowledge will be considered Level 2.

  • Provide first and second level technical resolution for security alerts and SOC service requests
  • Log and record all alerts with integrated ticketing
  • Identify weaknesses in customer infrastructures and suggest improvements
  • Technical and analytical skills to handle security incidents and threats
  • Resolve or escalate incidents
  • Provide timely and reliable service to customers
  • Stay informed about the latest vulnerabilities, exploits and other threat information
  • Operation of the AlienVault USM platform
  • Integrate customer environments
  • Mentor and train customers using and operating the AlienVault USM platform
  • Document solutions, processes, or procedures and present them in writing, verbally by phone, or in person

Desired Skills and Experience

  • Broad technical knowledge
  • 24x7 NOC / SOC experience; experience working with or for an MSSP is highly desirable
  • Experience with the AlienVault USM platform is highly desirable
  • Programming / shell scripting experience highly desirable (Perl, Python, Java, shell scripts, etc.)
  • Experience as a System and/or Network Administrator
  • Knowledge of configuring and implementing technical security solutions (Firewalls, IDS, Antivirus, Antispam, etc.)
  • Curiosity and strong desire to constantly learn
  • Bachelor’s degree or equivalent demonstrated experience and knowledge
  • Customer-oriented focus with a strong interest in satisfying our customers
  • Solid understanding of networking and security
  • Requirement for on-call work and working in a 24x7 environment
  • Security and networking familiarity with any of the following:
    • Routing and networking
    • TCP/IP protocols such as SMTP, HTTP, POP3, IMAP
    • Command line interfaces
    • Linux user and administrator experience
  • Keen ability to troubleshoot technical and security problems