Security operations center (SOC) Analyst

Onsite Role

Client :- NYPD

Need Local only (NYC)

Work Schedule: Sat - Mon

19:00 08:00 (7pm 8am)

Schedule: Sat Mon, 7pm 8am (3x13hrs, 4 days off), or as needed for escalations; includes weekends & holidays

The schedule is 3 days x 13-hour shifts, but similarly scheduled resources will usually tack on an extra hour to one of the shifts to make 40 hours.

Role Responsibilities:

• Perform security monitoring and analysis leveraging SIEM and security tools
• Conduct technical analysis and correlation of operating system, database, application, cloud and network logs to triage potential security events and incident investigations
• Analyze tactics, techniques, and procedures (TTPs) for various intrusion sets
• Develop custom SIEM content and tune security tools to prevent, detect and respond to malicious activity
• Utilize EDR and network security tools to conduct host and network-based detection analysis
• Conduct vulnerability scans and participate in tabletop exercises
• Improve the incident response process through tabletop exercises, playbook development, and standard operating procedures
• Day to day, primarily first responder to incidents

Requirements and Experience:

• Must be willing to come onsite to NYC on a regular basis
• Must have experience using various Threat Intelligence tools
• Experience managing ticket escalations, and incident response coordination across engineering, security, and management teams
• Experience in IDS/IPS, SIEM, EDR, DLP, Firewalls, DNS security, cloud security, Windows and Linux systems, etc.
• Familiarity with the Cybersecurity Framework (CSF) and a threat intelligence framework such as MITRE ATT&CK
• Deep knowledge of threat and vulnerability analysis
• Extremely detail-oriented and ability to quickly investigate ongoing and emerging threats
• Experience in developing, acquiring, maintaining and implementing threat intelligence
• Strong computer knowledge (hardware & operating systems)
  • Strong network knowledge
  • Excellent communication skills (Phone/Email)
    • Ability to interact and assist users over the phone
    • Ability to communicate with confidence and ensure the highest level of professionalism.
    • Ability to write clear emails to non-technical staff and send incident updates to upper management when required.
    • Assist with weekly presentation slides and project updates
    • Strong forensics background (soft requirement)