Alvarez & Marsal - Atlanta, GA

posted about 2 months ago

Full-time - Mid Level
Atlanta, GA
5,001-10,000 employees
Professional, Scientific, and Technical Services

About the position

The Security Operation Center (SOC) Analyst position at Alvarez & Marsal is a critical role within the Global Security Office (GSO). The selected candidate will work closely with the SOC Manager and will be integral to maintaining the security and integrity of the firm's operations. This position is based in the United States and requires the individual to operate within a global 24x7 Security Operation Center environment, which includes both in-house and outsourced SOC functions. The SOC Analyst will be responsible for real-time alert monitoring, responding to the ticket management queue, and providing Incident Response (IR) support when actionable incidents are confirmed from either the outsourced SOC or internal systems. In addition to monitoring and responding to alerts, the SOC Analyst will analyze and trend security log data from a diverse array of security devices across various layers. This role also involves conducting threat and vulnerability analysis, investigating and documenting information security issues, and reporting on emerging trends. The analyst will need to analyze previously undisclosed software and hardware vulnerabilities and integrate information with other analysts and teams. Participation in security projects and collaboration with stakeholders is also expected, along with the ability to be part of a weekend on-call rotation. Other responsibilities will be assigned through the ticketing system as needed. The ideal candidate will possess a strong background in security operations, with a focus on methodologies and technical solutions. They will be expected to develop thorough documentation and operational playbooks, suggest alert enhancements, and communicate effectively in both written and verbal formats. The role requires adaptability to change and the ability to work independently while also being a team player. Experience working with external vendors and a solid understanding of system and network hardening practices are also essential.

Responsibilities

  • Work in a global 24x7 Security Operation Center (SOC) environment consisting of in-house and outsourced SOC.
  • Perform real-time alert monitoring and respond to the ticket management queue.
  • Provide Incident Response (IR) support for actionable incidents from the outsourced SOC and/or internal systems.
  • Analyze and trend security log data from various security devices across different layers.
  • Conduct threat and vulnerability analysis with recommendations.
  • Investigate, document, and report on information security issues and emerging trends.
  • Analyze and respond to previously undisclosed software and hardware vulnerabilities.
  • Integrate and share information with other analysts and teams.
  • Participate in security projects collaborating with stakeholders as needed.
  • Be available for weekend on-call rotation.
  • Complete other tasks and responsibilities as assigned through the ticketing system.

Requirements

  • Bachelor's degree in a related field (Security, Forensics, or Computer Science preferred).
  • At least 4 years of experience as a security analyst or incident handler/responder within security operations (SecOps or SOC).
  • Excellent knowledge of security methodologies and processes (e.g., Kill chain/diamond models, MITRE ATT&CK framework, SANS).
  • Strong knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, CASB, proxies, network behavioral analytics, endpoint and cloud security).
  • In-depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, and HTTP protocols, along with network analysis and security applications.
  • Good knowledge of information security frameworks and standards (e.g., ISO 27001, NIST-CSF).
  • Very good knowledge of common malware threats and attack methodologies.
  • Professional certifications such as GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP, or equivalent are highly desirable.

Nice-to-haves

  • Experience in developing operational playbooks and documentation.
  • Ability to suggest alert enhancements to improve detection capability.
  • Experience working with external vendors and third parties.
  • Good understanding of system and network hardening practices.

Benefits

  • Healthcare plans
  • Flexible spending and savings accounts
  • Life, AD&D, and disability coverages
  • 401(k) retirement plan with discretionary contributions
  • Paid time off including vacation and personal days
  • Seventy-two (72) hours of sick time (prorated for part-time employees)
  • Ten federal holidays and one floating holiday
  • Parental leave
  • Discretionary bonus program based on individual and firm performance