SOC Analyst

Job Title : - SOC(Security Operations Center) Analyst

Location : Harrisburg, PA - Must be PA resident

Position Type : Hybrid, 1 day per week onsite (Tuesday)

Contract Length : 6 months, contract to hire

Position Overview :

This Analyst manages and enhances the Security Operations Center (SOC) within the Enterprise Security Office (ESO). This role involves continuous monitoring, analysis, and reporting of security tools, including firewalls, intrusion prevention systems (IPS), data loss prevention (DLP), and endpoint detection and response (EDR). The analyst will conduct vulnerability and risk assessments, investigate and coordinate responses to security incidents, perform internal security reviews, and correlate logs across multiple systems to detect and mitigate threats.

Duties :

Develop, implement, and refine SOC processes, procedures, and response playbooks to improve detection, response, and mitigation capabilities in both on-prem and cloud environments.

Identify and recommend enhancements to SOC tools, workflows, and automation for increased efficiency, with a focus on AWS-native security services.

Establish and maintain strong relationships with internal and external stakeholders to ensure SOC alignment with business and security priorities.

Monitor, analyze, and respond to security events from AWS security services such as AWS Security Hub, Guard Duty, AWS Config, CloudTrail, and IAM Access Analyzer.

Investigate and remediate security incidents in AWS, leveraging AWS-native security controls, forensic capabilities, and automation.

Prepare and distribute emerging threat intelligence reports, providing actionable insights to agency stakeholders, with a focus on cloud-based threats.

Support compliance efforts by ensuring SOC activities align with AWS security frameworks, such as AWS Well-Architected Framework and regulatory standards (e.g., NIST, CIS, FedRAMP).

Participate in security awareness initiatives by providing insights on cloud-specific security threats and best practices.

Perform continuous monitoring of security solutions to detect, analyze, and respond to potential threats and vulnerabilities.

Proactively collect, correlate, and analyze security data to detect unauthorized access attempts or suspicious activities.

Evaluate and assess security events based on exploit and vulnerability intelligence, determining severity and appropriate response actions.

Investigate security incidents by conducting forensic analysis, gathering relevant documentation, and escalating as necessary.

Monitor, triage, and analyze alerts from security platforms (e.g., SIEM, AWS Security Hub, Microsoft Defender for Endpoint, Trend Micro Vision One).

Collaborate with internal teams to implement and refine security controls to meet evolving security requirements.

Conduct self-assessments of security controls to evaluate their effectiveness and identify areas for improvement.

Required Skills :

Bachelor's degree in Computer Science or a related field with two to five years of experience in information security administration or the equivalent combination of skills, experience, and certifications.

• Proficient understanding of security principles, risk assessment policies and standards, information security best practices, products and technologies, defense strategies, and network technologies.
• Demonstrated solid analytical, critical thinking, and organizational skills.
• Knowledge of the National Institute of Standards and Technology (NIST) security controls family and guidance to include NIST SP800-53.
• Experience with various operating systems focusing on Microsoft Windows and Linux / Unix.
• Effective skills with time management, prioritization, and attention to detail.
• Possess a high level of integrity and ethics.
• Proficient use of Microsoft Office suite.

Navya Gupta

Sr. IT Technical Recruiter

Phone : - 3212189059

Email : navya@stellentit.com

Gtalk : navya@stellentit.com

Linkedin id : - linkedin.com / in / navya-gupta-1a879024a