SOC Analyst
Ref No.: 17-03924
Location: Stamford, Connecticut
Position Type: Full Time
Pay Rate: $65,000.00 - 85,000.00 / Year
SOC Analyst  
Our Managed Services client in Stamford is looking for a Level 2 Analyst to support the Security Operations Center (SOC) by acting as the first channel to identify potential information security incidents after they have been triaged by the helpdesk.
  • Monitors client sources of tipoffs for potential security incidents, health alerts with monitored solutions, and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, the INSC helpdesk or client ticketing system, telephone calls, and chat sessions.
  • Follows client- and incident-specific procedures to perform full analysis of said potential security incidents to determine their nature and priority, eliminate obvious false positives, process health alerts, and process requests for information.
  • Follows the same procedures to perform light, time-boxed analyses of said potential security incidents, attempting to gather required information and eliminate false positives.
  • Depending on escalation guidance and the same procedures, escalates large-scale potential security incidents to client personnel or the INSC Level 3 team to assist with implementation and countermeasures in response to elevated risk to INSC or INSC client infrastructure or data, performs tuning of solutions such as SIEM, DLP, and DDoS, and makes recommendations where gaps are identified.
  • Documents all actions taken in a ticketing system 
  • Reviews and enforces security policies
 
Qualifications of SOC Analyst
Required of SOC Analyst:
  • One or more years of experience working in security information and/or technology engineering support
  • Experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP)
  • Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
  • Understanding of common network devices such as routers, switches
  • Understanding of basic networking protocols such as IP, DNS, HTTP
  • Basic knowledge in system security architecture and security solutions
  • Linux experience is a plus
  • Knowledge of Splunk or Solarwinds SIEM is a plus
Preferred:
  • Certifications include Certified Information Systems Auditor (CISA), Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), CISSP, Certified Ethical Hacker (CEH)
  • a great communicator (and you know how to handle challenging situations)
  • a flexible, resilient team player with strong interpersonal skills taking initiative to drive things forward
  • able to multitask and work on different projects in parallel
  • methodical, concise and accurate, with strong attention to detail
  • able to surface and address issues, control deficiencies and emerging risks
  • able to provide practical solutions to sustainably remediate and minimize risks and control deficiencies
  • able to work with tight deadlines
  • confident in dealing with colleagues and client at all levels, in multiple locations
Third Party Applications Not Accepted