- Work as a part of the SOC team that runs 24×7, on a rotating shift schedule.
- Perform first-level triage of incoming alerts into issues or incidents (initially assessing the priority of the event, making the initial determination of whether it is an incident to gauge risk and damage, or routing security or privacy data requests appropriately).
- Act as technical lead of the security monitoring operations shift, providing advanced analysis, clear communication, and mentorship of junior team members.
- Be responsible for maintaining all Tier 1 documentation.
- Provide initial investigation of security incidents.
- Provide advanced analysis of alerts.
- Review alerts escalated by end-users.
- Provide limited incident response to end-users for low complexity security incidents.
- Provide communication and escalation throughout the incident per the CIRT guidelines.
- Perform analysis of log files.
- Take an active part in the containment of incidents, even after they are escalated, as directed.
- Provide use case creation/tuning recommendations to the engineering team based on findings during investigations or threat information reviews.
- Escalate issues when necessary.
- 0-2 years of prior experience in a similar position
- CCNA certification
- Security Essentials – SEC401 (optional GSEC certification)
- Continuous Monitoring and Security Operations – SEC511
- Security+, Network+, and Linux certification