What are the responsibilities and job description for the Security Operations Analyst position at QCS Staffing?
Security Operations Analyst - Threat Detection and Rule Engineering - 12-Months
This is a fantastic opportunity for a Security Operations Analyst to join our major, global pharmaceutical client on their latest new-build project based in Ohio. This is a large-scale greenfield capital project with an investment of more than $1bn.
Responsibilities and Requirements:
- Monitor and investigate alerts leveraging Microsoft Security Tools
- Monitor and triage AWS security events and detections
- Monitor and investigate alerts leveraging EDR solutions
- Work with alerts from the Tier 1 cSOC Analysts to perform in-depth analysis and triage of network security threat activity based on computer and media events, malicious code analysis, and protocol analysis;
- Review trouble tickets generated by Tier 1 Analyst(s)
- Identify incident root cause and take proactive mitigation steps;
- Assist with incident response efforts;
- Work directly with cyber threat intelligence analysts to convert intelligence into useful detection;
- Collaborate with incident response team to rapidly build detection rules and signatures as needed;
- Perform lessons learned activities;
- Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
- Review and collect asset data (configs, running processes, etc.) on these systems for further investigation.
- Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose;
- Document actions in cases to effectively communicate information internally and to the client;
- Determine and direct remediation and recovery efforts.
If this role is of interest to you, please apply now!