Senior SOC Analyst

The Senior SOC Analyst will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting and participate in security investigations. The Senior SOC Analyst will perform tasks including monitoring, threat intelligence research, incident response, automation and SIEM maintenance. The Senior SOC Analyst should have familiarity with the principles of cloud computing, network and endpoint security, current threat and attack trends, and have an advanced understanding of security principals such as defense in depth.

Requirements

• BSc/BA in Computer Science, Information Technology, or related Security field.
• Professional training and certifications (Security+, CYSA+, GSEC, GCIH, CISSP) is a plus.
• At least 3+ years of experience working with information systems security and related technologies.
• Thorough understanding of the OSI model and Cloud Computing technologies.
• Experience implementing, maintaining and enhancing SIEM solutions such as Splunk, SumoLogic or Azure Sentinel.
• Scripting ability in multiple languages such as Python and Powershell.
• Recent experience with incident response process creation, understanding and involvement.
• Ability to create automation when needed for maximum process efficiency.
• Recent active role in forensic investigation and incident response events and exercises.
• Great communication skills, including written deliverables, oral presentations, and the ability to facilitate crucial conversations at all levels of the organization.

Responsibilities

• Maintain, improve and mature SIEM systems to include but not limited to log ingestion, parsing, alerting creation and maintenance, dashboard creation and report generation.
• Monitor computer networks, cloud systems, and SaaS applications for security issues and investigate violations when and if one occurs.
• Work with the Information Security team to support penetration tests and enhance findings or areas of focus.
• Create aggregated vulnerability reports to distribute current security posture to stakeholders for remediation and leadership for governance.
• Research security enhancements and make recommendations to the Security team by testing and evaluating new technologies.
• Monitor and respond to emerging threats while ensuring real time security threat feeds are reviewed and implications to eMed are reviewed.
• Utilize forensic tools to properly respond to realized threats or investigation inquiries.
• Facilitate incident response activities upon confirmation of true positive alerting or reports.
• Demonstrated problem-solving and analytical skills.
• Advanced understanding of security cloud services, container and multi-tier web applications, data lakes, and database systems.
• Proficiency with a broad array of security software applications and tool such as: Extended Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Identity Access Management (IAM), Threat Intelligence and Vulnerability Management.
• Experience in information security policies, processes, procedures, systems, methodologies, and best practices.
• Ability to initiate and drive incident response engagements to conclusion to include lessons learned.
• Understanding of cyber security regulations: state/federal laws.
• Ability to manage ambiguity and apply problem-solving skills.
• Ability to establish and maintain internal and external relationships.
• Ability to work under pressure and demonstrated ability to meet critical deadlines.
• Ability to partner with others and lead others not reporting to you directly.
• Develop in-depth technical knowledge of Information Security principles and processes.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA) with Company Match
• Life Insurance (Basic, Voluntary & AD&D)
• Unlimited Paid Time Off
• Short Term & Long Term Disability
• Training & Development
• Free Food & Snacks
• Wellness Resources