What are the responsibilities and job description for the SOC Engineer position at IT Solutions LLC?
Title: SOC Engineer
Location: Alameda, CA
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Oversee the end-to-end threat management process, from initial detection and analysis to containment, eradication, and recovery. Ensure that all incidents are thoroughly investigated and documented, and that lessons learned are incorporated into future threat management strategies.
- Regularly assess the effectiveness of detection mechanisms and make necessary adjustments to improve accuracy and coverage. This includes conducting regular threat hunting exercises to identify gaps and areas for improvement.
- Create and refine correlation rules within the XDR Platform (Cortex XDR) to identify complex attack patterns and reduce false positives. This involves analyzing security events and developing rules that accurately detect malicious activities.
- Incorporate threat intelligence feeds into the team's detection capabilities to stay updated on the latest threats and attack techniques. Use this intelligence to enhance detection rules and response strategies.
- Utilize machine learning and behavioral analytics to identify anomalies and potential threats that traditional signature-based tools might miss. This includes analyzing user behaviors and network traffic to detect suspicious activities.
- Regularly review and fine-tune the configurations of current security tools such as SIEM, EDR, and IDS/IPS to ensure they are effectively detecting and alerting on potential threats.
- Work with various log sources and data feeds to enhance the visibility and detection capabilities of the team. This includes integrating logs from network devices, servers, applications, and cloud environments.
- Co-create and maintain playbooks to standardize and automate threat response procedures. This includes developing automated workflows to streamline incident response, reduce response times, and improve the overall efficiency and effectiveness of the cybersecurity operations team.
- Stay current with the latest threat landscape and emerging trends in cybersecurity to proactively identify and mitigate potential security risks.
- Contribute to the overall information security strategy.
EDUCATION / EXPERIENCE / KNOWLEDGE & SKILLS:
Education:
Experience:
Knowledge / Skills / Abilities:
The salary range provided for this contract role represents our good faith estimate for this position. Within the range, individual offers will vary based on the selected candidate's experience, industry knowledge, technical and communication skills, location and other factors that may prove relevant during the interview process (W2 or C2C). In addition to compensation, the company provides eligible W2 employees with a comprehensive and highly competitive benefits package.
I.T. Solutions, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.