Security Operations Center Analyst Level 3

Charlotte, NC

Company Name :IBA Infotech LLC

Type : Contract

Primary Skills : Cyber Security, Giac Certified, Incident Handler, Incident Response, Giac Certified, Intrusion Analyst

Location : Charlotte

CTC : DOE

Job Description:

This job will have the following responsibilities:

  • Conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats
  • Perform investigation and escalation for complex or high severity security threats or incidents
  • Serve as an escalation resource and mentor for other analysts
  • Work with SIEM Engineering and other security partners developing and refining correlation rules
  • Work on complex tasks assigned by leadership, which may involve coordination of effort among Level 1/2/3 analysts
  • Coordinate evidence/data gathering and documentation and review Security Incident reports
  • Assist in defining and driving strategic initiatives
  • Create and develop SOC processes and procedures working with Level 3, Level 2 and Level 1 Analysts
  • Provide recommendations for improvements to Client’s  Security Policy, Procedures, and Architecture based on operational insights
  • Define and assist in the creation of operational and executive reports
  • Define tool requirements to improve SOC capabilities

 

Qualifications & Requirements:

  • 7+ years of technical experience in Information Security, System Administration, or Network Engineering with at least 5 - 7 years of experience in Information Security
  • Extensive experience in Incident Response, Incident Handling and Security Operations
  • Advanced knowledge and expertise of using SIEM technologies for event investigation
  • Basic understanding of incident handling/incident response techniques within a cloud-based environment such as Google Cloud, Azure or AWS

 

Security Certifications Preferred (including but not limited to the following certifications):

  • Certified Incident Handler (GCIH)
  • Certified Intrusion Analyst (GCIA)
  • Certified Penetration Tester (GPEN)
  • Certified Ethical Hacker (CEH)
  • Certified Expert Penetration Tester (CEPT)
  • Certified Information Systems Security Professional (CISSP)
  • Networking Certifications (CCNA, etc.)
  • Platform Certifications (Microsoft, Linux, Solaris, etc.)

 

Preferred Competencies

  • Advanced event analysis leveraging SIEM tools
  • Advanced incident investigation and response skillset
  • Advanced log parsing and analysis skillset
  • Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
  • Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
  • Advanced knowledge of malware operation and indicators
  • Advanced knowledge of penetration techniques
  • Moderate to Advanced knowledge of DDoS mitigation techniques
  • Moderate to Advanced knowledge or IDS/IPS systems
  • Moderate to Advanced knowledge of Windows and Unix or Linux
  • Moderate knowledge of Firewall and Proxy technology
  • Moderate knowledge of Data Loss Prevention monitoring
  • Moderate knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud)
  • Moderate experience with scripting
  • Moderate knowledge of forensic techniques
  • Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
  • Moderate knowledge of audit requirements (PCI, HIPPA, SOX, etc.)