Position Description:

The SOC L2 Analyst position is a valued member of the Information Protection and Risk Management team.

The Analyst is part of the SOC (Security Operations Center) team and works closely with other members of the IPRM program to develop and implement a comprehensive approach to the management of security risks.

This role is responsible for working with other Security Operations Center team members in responding to security events according to established policies and best practices.

Job Responsibilities:

First level response for real time security alerts and events

Assist the Incident Response team in handling security events / incidents

Perform complex security investigations and root cause analysis

Data mining through use of SIEM or other data analytics solutions

Perform phishing investigations and response

Report generation around security events and metrics

Ensure that all security events are properly documented/tracked to meet audit and legal requirements

Develop documentation in support of response processes and/or procedures

Determine level of event severity and escalate as necessary

Qualifications:

Azure/AWS security, GCIA, GCIH, or other GIAC certifications preferred

Practical understanding of network protocols and operating systems

Broad understanding of security mitigation solutions at all layers

Minimum of four years information security specific experience

Bachelor's degree in information systems or equivalent experience

Ability to analyze large data sets to identify trends/anomalies indicative of malicious activity

Good understanding of application logic flow

Understanding or background in code development

Awareness of the current threat landscape

Self-driven and motivated with a strong passion for cybersecurity

Excellent verbal and written communications skills

Excellent problem solving and troubleshooting skills with a strong attention to detail

Ability to interact with personnel at all levels across the organization and to comprehend business imperatives

Ability to thrive in a fast-paced environment and capable of working under pressure

Experience in Security Operation Center/Incident response;

Splunk practical experience.

Good communication skills:

customer facing calm even demeanor when challenged, proactive, team player who works well with others and work well collaboratively.

Able to challenge respectfully and look for opportunities for continuous improvement.