SOC Senior Security Analyst

Farmington, CT
Aug 17, 2018
Our customer located in Farmington, CT is looking for a SOC Senior Security Analyst to safeguard the company's assets, intellectual property, and computer systems in support of the business objectives. The analyst will be responsible for detecting cyber-attacks, escalating or remediating as necessary, and working among a team of skilled analysts to address complex or difficult problems. The focus of this role is working with and reporting to leadership.
Responsibilities include:
  • Collects, analyzes and enriches event information and performs threat or target analysis duties
  • Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network Directives, including initiating, responding to, and reporting discovered events
  • Manages and executes multi-level responses and addresses reported or detected incidents
  • Providing reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption
  • Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.
  • Develops focused reporting and briefings for advanced cyber threats and activity to various teams and leaders
  • Ability to do deep dive investigations on complex incidents
  • Improving the service level for security operations and monitoring. Creating and maintaining system documentation for security event processing
  • Acts as Subject Matter Expert for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration; acts as the lead coordinator for the SOC's response to individual information security incidents
  • Acts as SME and trainer to T1 personnel as needed; mentors security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the Security Operations Center
  • Teach other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents and other anomalies
  • Regularly recommend new SOC practices and approaches to address program improvement
  • Ensures security logs are generated, collected, correlated, and monitored
  • Development of Data Dictionaries for log sources to confirm which fields and values are needed or useful for Security Monitoring
  • Review of available logs to confirm there are adequate quantities and content to usefully provide Security Monitoring
  • Review current tooling to identify incremental monitoring opportunities, and communicate needs to engineering teams that support SOC
  • Triage SIEM alerts to determine False Positive, Incident, or Technology Misconfiguration
  • Perform research at the request of Incident Response teams
  • Perform case management activities to ensure successful BAU Security Monitoring Operations, including:
      • Documenting case activities in the system of record
      • Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via phone call or in person
      • Engaging in all forms of communications (e.g. phone calls, instant messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of what company, department, or team they are a member of
  • Author Standard Operating Procedures (SOPs)
  • Creating incident detection "use case" needs, logic, and implementation methods
  • Creating "use case" alert triage workflows
  • Training documentation
Skills required:
  • 3-5 years of computer and network security experience preferred
  • Thorough understanding of fundamental security and network concepts (operating systems, IPS/IDS, TCP/IP, ports, etc.)
  • Demonstrated analytic expertise – to include ability to think critically and logically in a dynamic, high-pressure, fast-paced environment
  • Excellent written and oral communication skills
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Security, or related security discipline(s).
  • Security certifications (e.g. Security+, GCIA, GCIH, CISSP, CEH, OSCP, etc.)
  • Experience with Microsoft and Unix-based operating systems
  • Experience managing and tracking vulnerability cases
  • Experience supporting network security investigations
A Plus:
  • Master’s Degree
Please send compensation expectations/requirements and a MS Word or PDF version of your resume. No relocation/expense money provided. Candidates must be able to pass a background check, type 40 WPM, and must be able to work at a computer in a seated or stationary position for an hour at a time.
US citizens and those authorized to work in the US are encouraged to apply. However, we are unable to sponsor H1B or utilize 3rd party candidates at this time.
Data Based Development Systems is a continually growing and successful IT consulting firm in Glastonbury, CT that has been servicing Fortune 100 businesses for over 30 years. Our clients offer an attractive work environment and the opportunity to work with state-of-the-art technology. We offer competitive compensation and the opportunity to work with the latest technologies.