What are the responsibilities and job description for the Security Operations Center Analyst II - Remote position at KiZAN Technologies?
Security Operations Center Analyst II
Location: Dayton, OH
Employment Type: Full Time
Location: Dayton, OH
Employment Type: Full Time
About KiZAN
We make technology personal!
KiZAN is an Industry leading Microsoft Professional Services and Managed Services Provider supporting Regional, National and Global clients. We personalize technology by sparking passion, fueling purpose, and building connections.
Here at KiZAN, we are one team, we support each other and take the initiative to solve problems. We are fully committed to the direction chosen and always support our Mission. Being a part of KiZAN means that we win together, we create an inclusive atmosphere where everyone feels accepted, a sense of purpose, and we embrace collaboration.
KiZAN Technologies has an immediate need for an exceptional individual to join our family as a SOC Analyst II. The ideal candidate will have strong communication skills, is a true team player with a commitment to success, has leadership skills, and will be able to thrive in a fast paced, rapidly-changing environment.
Responsibilities:
An SOC Analyst II is a subject matter expert responsible for managing threats, disseminating information, and handling, responding to and investigating all incident escalations from the Security Operations Center. Level 2 team members are responsible for coordinating with the CSIRT process when necessary and managing incidents throughout the event life cycle. Level 2 team members will further an investigation and ensure root cause and resolution for metrics, tracking, and lessons learned are compiled, documented, and disseminated in conjunction with the CIRT process.
Cybersecurity Operations
- Cybersecurity Analysis, Detection and Response: 40%
- Manage SOC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary.
- Continuously monitor network traffic and systems for security anomalies, intrusions, or breaches. Perform research and use systems and tools in places, such as SIEM, XDR, NAC, and other
- Investigate Level 1 escalated Incidents.
- Ensure SOC Triage Tagged Incidents are addressed in a timely manner using available reporting and metrics.
- Monitor Level 1 Analyst performance investigating incoming Incidents using SOC-available tools.
- Respond to attempted efforts to compromise security controls using documented procedures.
- Participate in incident response exercises.
- Coordinate with SIEM Engineers to tune Alerts and Events.
- Cybersecurity Vulnerability and Threat Mitigation: 40%
- Perform regular vulnerability assessments and security analyst of information technology systems.
- Create reports showing risk and priorities and share findings with appropriate stakeholders and coordinate with them to implement security patches and other mitigations.
- SOC process refinement and cross training: 20%
- Improve SOC processes to elevate response efficiency.
- Consult the organization on security tool improvements for customers.
- Mentor Level 2/Level 1 Analysts to improve detection/analytical capabilities within the SOC.
- Interview potential SOC resources and provide feedback.
- Drive and monitor shift-related metrics processes ensuring applicable reporting is gathered and disseminated per SOC requirements.
- Serve as shift subject matter experts on incident detection and analysis techniques providing guidance to junior analysts and making recommendations to organizational managers.
- Track tactical issues in execution of SOC responsibilities.
Minimum requirements:
- Bachelor's (B.S., B.A.) in a Computer Sciences field, or equivalent combination of education and experience
- 2 years’ experience as a Level 2 SOC Analyst
- Experience with Microsoft Sentinel, M365 Defender products, and Microsoft Defender for Cloud
- Experience with SOC Framework
Required Skills:
- Experience with Microsoft Sentinel, Critical Start, and Rapid Fire
- Generates and maintains documentation on SOC procedures performed and publishes such materials as appropriate.
- Willing and able to work extended hours and rotate on-call duties to ensure customer incident response.
- Performs other duties, responsibilities, and special projects, as requested.
- Communicate effectively, both orally and in writing, to clearly express ideas and opinions.
- Demonstrates teamwork, is receptive to and acts upon input from others, is willing and able to compromise as needed, displays willingness to work with all firm employees, and willingly assists others.
- Demonstrates initiative and contributes new ideas; is self-motivated.
- Demonstrates flexibility; willing to adjust to changes, able to work with all levels of firm employees.
- Works with tight deadlines and under pressure.
- Always exhibits positive leadership characteristics to the team, both in terms of improving processes and procedures and being proactive about the nature and scope of the team’s work.
EEO/AA Employer
