SOC Analyst

About Eleven Recruiting

We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand out in technology staffing? We listen and act as advisors for our candidates on how they can best add value, find interesting projects, and pave a path for career advancement. We advocate for best pay, diversity in tech, and best job-fit for every candidate we place.

Our client, an investment firm, is seeking an experienced SOC Analyst to join their team in New York, NY!

Responsibilities:

• Effectively interact with colleagues across the Cybersecurity team, as well as the broader Technology and Application teams.
• Responsible for initial or secondary triage of security incidents identified by internal controls or external SOC partners.
• Proficient in Threat Research and understanding the latest malware trends, common attack TTPs, and the general threat landscape.
• Proficient in Incident Response and automation workflows as it relates to Security Operations.
• Demonstrates ability to author content using a variety of query languages, as well as scripting for event enrichment and investigation.
• Detects, identifies, and responds to cyber events, threats, security risks and vulnerabilities in line with cyber security policies and procedures.
• Conducts threat hunting and analysis using various toolsets based on intelligence gathered.
• Responsible for documenting the incident life cycle, conducting handoffs, escalation, and providing support during cyber incidents.
• Partner with the security engineering and platform engineering teams to improve tool usage and workflow.
• Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
• Build and execute a program for continuous security controls testing and validation.
• Work with the GRC team to align with GRC controls testing.
• Perform other duties as planned.

Qualifications:

• Bachelor's degree in computer science, Information Technology, or related field.
• Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC a plus.
• 5 years of experience in Enterprise Cybersecurity, or with a reputed Services / consulting firm offering security operations consulting or equivalent public sector experience.
• Experience with SIEM tools (Splunk, SumoLogic, Sentinel, QRadar, etc.) and Endpoint Detection & Response tools (CrowdStrike, CarbonBlack, SentinelOne, etc.).
• Experience engaging in a 24x7 operational environment.
• Experience with SQL and scripting (such as PowerShell).
• Results oriented and the ability to manage multiple tasks and deadlines with attention to detail.
• Strong communication and self-management skills.
• Experience testing and validating security controls a plus.
• Experience in SOAR (Security Orchestration Automation Response) platform preferred.