SOC Analyst

Scottsdale, AZ, USA

Job Type

Security

Role Summary:

All Senior Analysts are expected to handle customer-facing investigations, mentor and train fellow analysts, display leadership, and participate in interactions with customers and other teams by email or phone.


Requirements:

  • Solid understanding of core security technologies – Firewalls, IDS/IPS, SIEM, Endpoint protection, Network Topology

  • Experience performing forensic analysis of network logs and packets to identify compromise artifacts (3+ years)

  • Ability to identify actionable indicators of compromise based upon analysis of network forensic data

  • Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred

  • Ability and desire to mentor junior analysts


Required Qualifications:

  • Minimum of three years of experience performing triage/incident response in enterprise environments

  • Ability to analyze captured data or logs to perform incident response and identify potential compromises to customer networks

  • Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.

  • Experience analyzing both log and packet data in a SIEM (Netwitness, ArcSight, Splunk, etc.)

  • Strong understanding of incident response methodologies and reporting

  • Experience using ticketing systems for tracking (JIRA, Remedy, Zendesk, ServiceNow, etc.)

  • Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers

  • Higher-level security certifications (CEH, CISSP, GCIH, GREM, GPEN, GFNA, OSCP)

  • A leadership background including orchestrating team efforts for problem solving

  • Ability to manage security projects to completion both individually and in a group

  • A strong ability to be an effective part of a cohesive team

Candidate must be reliable and able to function as part of a 24x7 operations center.
