SOC Analyst II

Role Summary

Security Operations Specialist II will identify and respond to IT security incidents. The individual will conduct threat hunting to identify otherwise undetected threats in the environment and will identify opportunities for improving infrastructure security and serve as IT Security Architect for assigned services.

Responsibilities

• Security Incident identification, handling, and management
• Detection and response to IT security incidents using available tools and technology
• Development and implementation of technology and tools to strengthen the detection and identification of threats and adapt to changing and developing threats
• Perform forensic investigations
• Investigation and response to security incidents
• Assistance and training to GSO-Americas and APAC in analyses of security incidents
• Data analyses to identify indicators of compromise and identify areas of improvement concerning IT Security
• Threat Hunting
• Conduct threat hunting activities utilizing search techniques and well known TTP of threat actors
• Utilize threat intelligence indicators and Mitre ATT&CK framework to form hunt searches looking for malicious activity
• Inform and conduct triage of any findings
• Contribute to and/or develop content (SIEM) recommendations
• Engage in improving infrastructure security
• Establishment and maintenance of relationships with internal security organizations (vendors, infrastructure, and security departments)
• Engage with Infrastructure Service Managers and Architects to improve infrastructure security
• Identify and communicate opportunities for improving infrastructure security

Qualifications

• A Bachelor’s degree in computer science, Information Systems, and or Electrical Engineering is required; relevant experience may be substituted for degree when appropriate
• A minimum of 4 years of progressively responsible relevant experience
• Excellent operational IT Security experience
• Experience in handling of major incidents
• Expert in incident response
• Ability to work independently and take ownership of all job assignments
• Ability to develop and maintain relationships within the global organization
• Ability to balance many concurrent tasks and deliver on agreed deadlines

Skills

• IT security incident management
• Threat hunting and intrusion detection
• Forensic investigation
• SIEM and security tooling expertise
• Threat intelligence and MITRE ATT&CK framework
• Communication and training across global teams
• Relationship building with internal and external security partners

Education

• Bachelor’s degree in computer science, Information Systems, or Electrical Engineering (required)

Additional Requirements

• 0-5% overnight travel required