Marcum
SOC Analyst (Level I)
Marcum, Houston, Texas, United States, 77246
Marcum LLP offers a great career with exceptional benefits.There's a lot to think about when it comes to launching your career. At Marcum, we offer you a world of opportunity, a highly competitive salary, exceptional benefits, flexible work options, and industry-leading technology, all within an environment that values your contributions and supports your professional growth.As a Tier 1 SOC Analyst, you will play a critical role in our cybersecurity operations by receiving and performing initial triage of security alerts, incident intake, ticket updates, and reporting of cyber events. You will be responsible for maintaining ticket queues, escalating incidents to Tier 2 and Tier 3 analysts when necessary, and proactively monitoring various channels for security threats.Key Responsibilities:Security Alert Triage: Receive and perform initial triage of security alerts, assess their severity, and determine appropriate actions for resolution.Incident Management: Handle incident intake, update incident tickets, and ensure that all relevant information related to security events is accurately documented in the ticketing system.Log Analysis: Review and analyze security logs and event data from various sources, such as firewalls, intrusion detection systems, and endpoint security tools, to identify potential security incidents.Security Documentation: Maintain and update standard operating procedures (SOPs) and knowledge base articles to document incident response processes and best practices.Threat Intelligence: Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques, and apply this knowledge to enhance the SOC's threat detection capabilities.Ticket Queue Management: Maintain unassigned and assigned ticket queues, ensuring timely resolution and effective communication with stakeholders.Escalation: Identify incidents that require the attention of Tier 2 and Tier 3 analysts and facilitate their escalation for further investigation and resolution.Dashboard Monitoring: Proactively monitor security dashboards to detect and respond to emerging threats in real-time.Indicators of Compromise (IOCs): Understand, identify, and research Indicators of Compromise (IOCs) to support threat detection and incident response efforts.Hotline Support: Answer incoming hotline calls from clients, assisting them with security-related inquiries and incident reporting.Email Security: Monitor and respond to various email accounts, investigate phishing emails, and take appropriate actions to mitigate email-based threats.Client Communication: Monitor and respond to client Slack channels, providing timely updates on security incidents and maintaining effective communication with clients.Reporting: Prepare weekly/monthly metric reports, including findings, actions taken, and visualizations to highlight improvements in client security controls and practices.Qualifications:Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) is a plus.Strong understanding of cybersecurity principles and technologies.Excellent problem-solving and analytical skills.Effective communication and interpersonal skills.Ability to work in a fast-paced, high-pressure environment.Willingness to work rotating shifts, including nights and weekends.Prior experience in a SOC environment is preferred.Marcum LLP is an Equal Opportunity Employer.
#J-18808-Ljbffr
#J-18808-Ljbffr