Role Overview
The Information Security SoC Tier I Analyst will be a key team member within the Information Security Office. His or her skills and judgement early in the triage phase will determine the time to detect and time to respond to breaches. In addition, the new hire will contain breaches or malware before they infiltrate and impact the organization. He/She will monitor systems to alert, manage, and report on potential system and data breaches. Additional duties will include, but are not limited to, assisting with implementation of the company cybersecurity strategy, preparing key metrics and operational security reporting, and ensuring the highest standards for IT security projects are implemented and maintained. He/She will demonstrate working knowledge of current enterprise technologies and security best practices.
Key Responsibilities
- Monitor security alerts from SIEM and other security tools.
- Triage security alerts from ITSM and SWFM systems.
- Assign initial priority to security events.
- Close out low priority security events in consultation with Tier 2 SoC analyst.
- In case of doubt or suspicion of a serious security nature, gather all information including initial analysis and escalate to Tier 2 SoC analyst.
- Participate in containment and remediation activities after a security incident.
- In the case of a serious security incident, be prepared to work beyond normal hours.
- Conduct periodic vulnerability assessments and co-ordinate remediation effort with the IT operations team.
- Generate monthly Cybersecurity status report with feeds from various security tools.
- Participate in threat hunting and red-team/blue-team/purple-team exercises.
Requirements
- A baccalaureate or postgraduate degree from an accredited university in Computer Science, Engineering or a related field of study.
- Five-plus years' experience in cybersecurity, including use of security tools and cloud environments.
- Related certificates in security.
- Experience with implementing and configuring security tools.
- Experience with testing and evaluating security products.
- Working knowledge of IT-related and compliance mandates (e.g. Sarbanes-Oxley, HIPAA, GDPR, CCPA, PIPL, HGR, PCI DSS, FDA) is desired.
- Must have knowledge of security frameworks and standards (NIST, ISO, CIS, COBIT).
- Must know the NIST IR standard end to end.
- Experience with the following: Azure AD, ADFS, SSO, multi-factor authentication, SAML, PAM.
- Excellent analytical and technical skills.
- Professional planning and organizational skills, including presentation and strong written communication.
- Ability to communicate technical information in understandable business terms.
- Great interpersonal skills, including teamwork, facilitation and negotiating skills.
- Ability to positively influence the behavior of peers and build relationships with other teams without direct authority over those teams.
Job Type: Contract
Schedule:
Work Location: In person