About the position
The Global Security Office (GSO) at A&M Alvarez & Marsal is seeking a dedicated Security Operation Center Analyst to join our team. This role is pivotal in maintaining the security and integrity of our operations, working closely with the SOC Manager. The selected candidate will be part of a global 24x7 Security Operation Center (SOC) environment, which includes both in-house and outsourced SOC operations. The position is based in the United States and requires participation in an on-call rotation to ensure continuous monitoring and response to security incidents. As a Security Operation Center Analyst, you will be responsible for real-time alert monitoring and risk mitigation, analyzing security log data from a diverse array of security devices across various layers. You will provide Incident Response (IR) support when actionable incidents are confirmed from both the outsourced SOC and internal systems. Additionally, you will conduct threat and vulnerability analysis, offering security advisory services to enhance our security posture. Your role will also involve investigating and documenting information security issues, as well as emerging trends in the cybersecurity landscape. Collaboration is key in this position, as you will integrate and share information with other analysts and teams, participate in security projects, and assist network operations and engineering teams. The role requires a proactive approach to security, with the ability to manage multiple projects simultaneously and adapt to changing priorities as needed. You will also be expected to develop thorough documentation and operational playbooks, suggesting enhancements to improve detection capabilities.
Responsibilities
- Work in a global 24x7 Security Operation Center (SOC) environment consisting of in-house and outsourced SOC.
- Participate in an on-call rotation for incident response.
- Perform real-time alert monitoring and risk mitigation.
- Analyze and trend security log data from various security devices.
- Provide Incident Response (IR) support for actionable incidents.
- Conduct threat and vulnerability analysis and provide security advisory services.
- Investigate and document information security issues and emerging trends.
- Integrate and share information with other analysts and teams.
- Participate in security projects and assist network operations and engineering teams.
- Complete other tasks and responsibilities as assigned through the ticketing system.
Requirements
- Bachelor's degree in a related field (Security, Forensics, or Computer Science preferred).
- At least 4 years of experience as a security analyst, incident handler/responder, security engineer, or penetration tester.
- Excellent knowledge of security methodologies and processes (e.g., Kill chain/diamond models, MITRE ATT&CK framework).
- Strong understanding of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, proxies, network behavioral analytics, endpoint and cloud security).
- In-depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, and HTTP protocols, as well as network analysis and security applications.
- Good knowledge of common malware threats and attack methodologies.
- Professional certifications such as GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP, or equivalent are highly desirable.
Nice-to-haves
- Experience working with external vendors and third parties.
- Good understanding of system and network hardening practices.
Benefits
- Healthcare plans
- Flexible spending and savings accounts
- Life, AD&D, and disability coverages
- 401(k) retirement plan with discretionary contributions
- Paid time off including vacation and personal days
- Seventy-two (72) hours of sick time (prorated for part-time employees)
- Ten federal holidays and one floating holiday
- Parental leave
- Discretionary bonus program based on individual and firm performance.
