Job Description

•2-5 years of relevant experience in SOC, Incident response or Cyber Forensics. 

•At least 1 year of prior SOC experience (can include internships).

•Comfortable working in 24/7 rotational shift. 

•Experience and knowledge conducting the following activities:

oMonitor and analyze traffic and events/alerts and advise on remediation actions.

oReview and assess impact and remediation actions for incidents.

oInvestigate intrusion attempts and perform analysis of exploits by correlating various sources and determining which system or data set is affected.

oFollow standard operating procedures for detecting, classifying, and reporting incidents.

oAnalyze a variety of network and host-based security appliance logs (EDR, Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.

oIndependently follow procedures to identify, contain, analyze, document and eradicate malicious activity.

oEscalate information regarding intrusion events, security incidents, and other threat indicators and warning information to the client.

•Ability to communicate efficiently with internal team members at all levels and across functional and organizational boundaries.

•Working knowledge of the TCP/IP suite/OSI layers of protocols.

•Conceptual knowledge of network and systems architecture.

•Familiarity with Intrusion Detection Systems configuration and operation.

•Web application architecture.

•Active Directory Solid understanding of how major application layer protocols function (e.g., HTTP, SMTP, DNS).

•Knowledge of categories of malware and how they function (e.g., rootkits, trojans, adware, exploits, fileless).

•Organizational skills and time management/prioritization.

•Comfortable working against deadlines in a fast-paced environment.