Job Title: Security Analyst V

Location: Detroit, MI 48226

Start Date: 6/7/2024

Est. End Date: 12/31/2026

NOTE: Requisition Broadcast: 6/21/24 - Resumes due: 6/26/24 EOD. Onsite in Charlotte or Detroit for Hybrid model 3 days a week. ** SOC L2 Analyst**: ** Azure/AWS security experience, GCIA, GCIH, or other GIAC certifications preferred; ** Experience in Security Operation Center/Incident response; **Splunk – practical experience. ** Able to participate in a rotating On-Call schedule for after-hours information security events / incidents; **Good communication skills – customer facing – calm – even demeanor when challenged, proactive, team player who works well with others and work well collaboratively. Able to challenge respectfully and look for opportunities for continuous improvement. Able to mentor and coach junior team members** Video conference interview; provide location and best time to interview.

Job Description

SOC L2 Analyst

Position Description

The SOC L2 Analyst position is a valued member of the Information Protection and Risk Management team. The Analyst is part of the SOC (Security Operations Center) team and works closely with other members of the IPRM program to develop and implement a comprehensive approach to the management of security risks.

This role is responsible for working with other Security Operations Center team members in responding to security events according to established policies and best practices.

Job Responsibilities

First level response for real time security alerts and events

Assist the Incident Response team in handling security events / incidents

Perform complex security investigations and root cause analysis

Data mining through use of SIEM or other data analytics solutions

Perform phishing investigations and response

Report generation around security events and metrics

Ensure that all security events are properly documented/tracked to meet audit and legal requirements

Develop documentation in support of response processes and/or procedures

Determine level of event severity and escalate as necessary

Participate in a rotating On-Call schedule for after hours information security events / incidents

Qualifications

Azure/AWS security, GCIA, GCIH, or other GIAC certifications preferred

Practical understanding of network protocols and operating systems

Broad understanding of security mitigation solutions at all layers

Minimum of four years information security specific experience

Bachelor's degree in information systems or equivalent experience

Ability to analyze large data sets to identify trends/anomalies indicative of malicious activity

Good understanding of application logic flow

Understanding or background in code development

Awareness of the current threat landscape

Self-driven and motivated with a strong passion for cybersecurity

Excellent verbal and written communications skills

Excellent problem solving and troubleshooting skills with a strong attention to detail

Ability to interact with personnel at all levels across the organization and to comprehend business imperatives

Ability to thrive in a fast-paced environment and capable of working under pressure