SOC Analyst I | Remote, USA

Optiv Securityposted 10 months ago
Full-time • Entry Level
Remote • Chicago, IL
Professional, Scientific, and Technical Services
Resume Match Score
Upload and Match ResumeTrack Jobs with Teal

About the position

The SOC Analyst I position at Optiv is a fully remote role that requires shift flexibility, including the ability to rotate between days, mids, and nights. This position is part of a team that provides 24/7 support, ensuring that security incidents are monitored and addressed promptly. The Threat Analyst will be responsible for intrusion and incident monitoring and detection, utilizing customer-provided data sources and various audit and monitoring tools at both government and enterprise levels. The role involves close collaboration with Technology Analysts and Architects to effectively service customers and address their security needs. In this role, the SOC Analyst will document and report on potential security incidents identified in customer environments, providing a detailed timeline of events. The analyst will work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Acting as a coordinator for security events that require urgent response, containment, and remediation is a critical aspect of this position. The analyst will also provide analysis on various security enforcement technologies, including SIEM, anti-virus, content filtering, malware prevention, firewalls, and intrusion detection systems. The SOC Analyst I will perform knowledge transfers, document, and train clients on the mitigation of identified threats, while also providing ongoing recommendations to peers and customers on tuning and best practices. Active research on current threats and attack vectors being exploited in the wild is expected, along with collaboration with other analysts to investigate escalations. This role is essential in maintaining the security posture of clients and ensuring that they are well-informed about potential threats and vulnerabilities.

Responsibilities

  • Provide intrusion/incident monitoring and detection utilizing customer provided data sources and monitoring tools.
  • Document and report on potential security incidents identified in customer environments and maintain a timeline of events.
  • Work with partners to understand security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
  • Act as a coordinator for security events requiring urgent response, containment, and remediation.
  • Analyze various security enforcement technologies including SIEM, anti-virus, content filtering, malware prevention, firewalls, and intrusion detection systems.
  • Perform knowledge transfers, document, and train clients on threat mitigation strategies.
  • Provide ongoing recommendations to peers and customers on tuning and best practices.
  • Research current threats and attack vectors being exploited in the wild.
  • Collaborate with other analysts to investigate escalations.

Requirements

  • US Citizenship is required for this role.
  • Three or more years of full-time professional experience in the Information Security field.
  • Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment as a point of escalation.
  • Excellent time management, reporting, and communication skills, including customer interactions and executive presentations.
  • Data analysis experience using SIEM, database tools, and Excel.
  • Experience troubleshooting security devices and SIEM.
  • Ability to create and maintain content within SIEM environments and make recommendations to clients to improve visibility.
  • Experience with IDS monitoring/analysis using tools such as Sourcefire and Snort.
  • Familiarity with SIEM platforms such as QRadar, LogRhythm, McAfee/Nitro, ArcSight, or Splunk is preferred.
  • Understanding of direct and indirect attacks, including SQL Injection and cross-site scripting.
  • Experience with web-based attacks and the OWASP Top 10, Network Based DoS, Brute force, and Denial of Service attacks.
  • Familiarity with SANS top 20 critical security controls.
  • Understanding of enterprise Windows security, including Active Directory and common mitigation controls.

Nice-to-haves

  • Experience with commercial AV solutions such as McAfee/Intel, Symantec, Sophos, or Trend Micro.
  • Familiarity with web-based exploit kits and methods employed by them.
  • Understanding of Advanced Persistent Threats and targeted malware.
  • Experience with malware protection tools such as FireEye.

Benefits

  • Work/life balance
  • Professional training resources
  • Creative problem-solving opportunities
  • Volunteer opportunities through "Optiv Chips In"
  • Technology necessary to work remotely
Build your resume with AI

A Smarter and Faster Way to Build Your Resume

Go to AI Resume Builder

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service