Our client is currently seeking a SOC Analyst
This position is for a core team member to supplement the firm’s growing cyber security monitoring function. The candidate will join a team currently responsible for:
•Providing first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches. The event management includes triage, correlation and enrichment of individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalating as a security incident.
•Improving the service level for security operations and monitoring. Creating and maintaining system documentation for security event processing. Expands the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
•Configuring and monitoring Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firm’s Managed Security Services Provider (MSSP) services
•Providing reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption. Leveraging existing technologies within the organization to expand the scope of coverage of the security monitoring service.
•Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or GCIH a plus.
•3-5 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
•Minimum three years of security monitoring experience and incident response activities; preferably within a professional services firm or similar environment
•Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
•Experience with SIEM technologies, log management tools, security analytics platforms, and forensic offerings
•Experience with malware analysis, virus exploitation and mitigation techniques
•Strong knowledge of incident response and crisis management
•Strong verbal and written communication skills
•Experience with fraud monitoring, data leakage prevention, and privileged access monitoring a plus