Alvarez & Marsal - Atlanta, GA

posted about 2 months ago

Part-time - Mid Level
Atlanta, GA
5,001-10,000 employees
Professional, Scientific, and Technical Services

About the position

The Security Operation Center Analyst position at A&M (Alvarez & Marsal) is a critical role within the Global Security Office (GSO). It is designed for individuals who are passionate about cybersecurity and eager to contribute to the security and integrity of the firm's operations. The selected candidate will work closely with the SOC Manager and will be an integral part of a global 24x7 Security Operation Center (SOC) environment, which includes both in-house and outsourced SOC operations. The role requires a proactive approach to monitoring security alerts, responding to incidents, and managing security-related tickets effectively.

As a Security Operation Center Analyst, the individual will be responsible for real-time alert monitoring and will provide Incident Response (IR) support when actionable incidents are confirmed. This includes analyzing and trending security log data from a diverse array of security devices, conducting threat and vulnerability analyses, and investigating emerging security issues. The analyst will also be expected to document findings, report on security incidents, and collaborate with other teams to enhance the overall security posture of the organization. Participation in security projects and a weekend on-call rotation are also part of the responsibilities associated with this role.

The ideal candidate will possess a strong educational background in a related field, along with substantial experience in security operations. They will be well-versed in security methodologies, technical security solutions, and information security frameworks. Excellent written and verbal communication skills are essential for conveying complex security information clearly and for contributing to operational documentation and incident reports. The role demands adaptability, teamwork, and the ability to work independently while managing relationships with external vendors and third parties.

Responsibilities

  • Work in a global 24x7 Security Operation Center (SOC) environment consisting of in-house and outsourced SOC teams.
  • Perform real-time alert monitoring and respond to the ticket management queue.
  • Provide Incident Response (IR) support for actionable incidents from the outsourced SOC and/or internal systems.
  • Analyze and trend security log data from various security devices across different layers.
  • Conduct threat and vulnerability analysis with actionable recommendations.
  • Investigate, document, and report on information security issues and emerging trends.
  • Analyze and respond to previously undisclosed software and hardware vulnerabilities.
  • Integrate and share information with other analysts and teams.
  • Participate in security projects collaborating with stakeholders as needed.
  • Participate in a weekend on-call rotation as required.
  • Complete other tasks and responsibilities as assigned through the ticketing system.

Requirements

  • Bachelor's degree in a related field (Security, Forensics, or Computer Science preferred).
  • At least 4 years of experience as a security analyst or incident handler/responder within security operations (SecOps or SOC).
  • Excellent knowledge of security methodologies and processes (e.g., the kill chain and diamond models, the MITRE ATT&CK framework, SANS).
  • Strong understanding of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, CASB, proxies, network behavioral analytics, endpoint and cloud security).
  • In-depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, and HTTP protocols, along with network analysis and security applications.
  • Good knowledge of information security frameworks and standards (e.g., ISO 27001, NIST-CSF).
  • Very good knowledge of common malware threats and attack methodologies.
  • Professional certifications such as GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP, or equivalent are highly desirable.

Nice-to-haves

  • Experience in developing thorough documentation and operational playbooks.
  • Ability to suggest alert enhancements to improve detection capability.
  • Experience working with external vendors and third parties.
  • Good understanding of system and network hardening practices.

Benefits

  • Healthcare plans
  • Flexible spending and savings accounts
  • Life, AD&D, and disability coverages
  • 401(k) retirement plan with discretionary contributions
  • Paid time off including vacation and personal days
  • Seventy-two (72) hours of sick time (prorated for part-time employees)
  • Ten federal holidays and one floating holiday
  • Parental leave
  • Discretionary bonus program based on individual and firm performance