Position Summary
Under the guidance of the Global Director, Security Operations, assist with the analysis, mitigation, escalation and processing of the areas listed below (but not limited to them).
Specific areas of responsibility may fall into any one of the following areas of Security Operations, as assigned by the staff member's management.
- Security Analysis
- Identity Governance and User Lifecycle Management
- Threat and Vulnerability Management
- Network, Database, Server and Endpoint, and Application Security
- Information Security Framework compliance
- Audit Compliance
- Security Awareness
- Collection and analysis of metrics
- SIEM
- Antivirus and Antimalware analysis
The Global SOC Analyst will have multiple security-related roles within the organization. Their main goal will be to provide a secure computing environment for the organization to conduct its business. The global security operations team will have overlapping duties; however, each role will have more specifically focused duties. As such, the role and essential duties will fit most closely into the classifications below.
Along with the responsibilities below, all Global Information Security Analysts will be responsible for monitoring security solutions, investigating and mitigating alerts according to run books, handling escalations, and providing 24/7 incident and request handling. Shift work and on-call duty on weekends are expected.
Threat and Vulnerability Management – monitoring, investigating and following up on vulnerability management, including but not limited to patch management and third-party patch management. Where applicable, the analyst will be responsible for identifying vulnerable assets and escalating them to the respective teams for mitigation.
Security event detection and response – Monitor the tools necessary for SIEM, analyze alerts, document threats, provide mitigation according to prescribed run books and escalation where necessary.
Incident Management Process and Forensics – assist in providing forensic capabilities for the incident management process when needed. Monitor and manage infrastructure logging for security, including perimeter network devices, malware prevention, and intrusion prevention.
Endpoint Protection – monitor endpoint protection tools, remediate according to defined run books where necessary, and escalate to the applicable parties where necessary.
Requirements:
Required
- 2-5 years related experience in information security, risk, compliance, or similar position;
- Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering or related field;
- Knowledge of security technologies (encryption, data protection, network intrusion prevention, host intrusion prevention, firewalls, privileged access, etc.);
- Knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP;
- Excellent level of English.
Preferred
- Master's degree in Information Technology, Computer Science, Engineering or related field
- Certification in Information Security (CISSP) practices and policies