JobRialto
Cloud SOC Analyst
JobRialto, Phoenix, Arizona, United States, 85003
Job Summary:
Client's Security & Technology Operations organization is seeking an Information Cyber Security Analyst to join the Security Operations Center (SOC). The selected candidate will be an integral part of a 24x7x365 SOC team, responsible for monitoring, analyzing, and responding to information security threats, including commodity malware, policy violations, and advanced persistent threats (APT). The role also involves collaborating with teams such as Threat Intelligence, Risk Management, and Forensics to enhance security operations and incident response capabilities. The ideal candidate will be a technically skilled, passionate, and self-driven individual eager to learn, solve complex problems, and contribute to the growth of the team.
Key Responsibilities:
Threat Detection & Incident Response:
Monitor security alerts from multiple sources and identify potential threats or attacks on the network, systems, and applications.
Respond to security incidents, analyze root causes, and implement corrective actions to mitigate risk.
Investigate and analyze security incidents involving malware, advanced persistent threats (APTs), and other cyber-attacks.
Collaboration with Security Teams:
Work closely with the Threat Intelligence, Risk Management, and Forensic teams to gather intelligence, identify vulnerabilities, and recommend security improvements.
Support the development and refinement of security processes and playbooks to improve incident response times and effectiveness.
Security Monitoring:
Continuously monitor security logs, alerts, and events using security tools and platforms to detect signs of unauthorized access or breaches.
Analyze event data to identify trends and emerging threats, providing proactive recommendations for mitigation.
Policy Compliance & Reporting:
Ensure adherence to security policies and compliance frameworks.
Assist in creating and maintaining documentation, reports, and analysis of security incidents and responses.
Ongoing Learning & Development:
Stay up to date with the latest cybersecurity threats, trends, and mitigation techniques.
Participate in training and development opportunities to enhance skills in cybersecurity and information security.
Required Qualifications:
Experience:
2+ years of experience in cybersecurity or a related field, specifically within a Security Operations Center (SOC) or incident response role.
Hands-on experience with monitoring and responding to security incidents, including malware and advanced persistent threats (APTs).
Technical Skills:
Familiarity with SIEM (Security Information and Event Management) tools, such as Splunk, ArcSight, or QRadar.
Experience with endpoint protection tools, firewalls, intrusion detection/prevention systems (IDS/IPS), and network security.
Strong understanding of security frameworks and protocols, including TCP/IP, DNS, HTTP, and VPN technologies.
Problem Solving & Analytical Skills:
Strong analytical and problem-solving skills to identify vulnerabilities and mitigate risks.
Ability to analyze security data and generate actionable insights from incident events.
Communication:
Excellent communication skills with the ability to articulate complex security issues to both technical and non-technical audiences.
Preferred Qualifications:
Experience with Threat Intelligence:
Familiarity with threat intelligence platforms (TIPs) or open-source threat intelligence (OSINT).
Security Knowledge:
Experience with threat modeling, vulnerability management, or penetration testing is a plus.
Familiarity with industry regulations and compliance standards such as ISO 27001, NIST, GDPR, or PCI-DSS.
Incident Response Experience:
Previous experience managing or coordinating incident response in a high-pressure environment.
Certifications:
Required:
Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) is preferred.
Preferred:
CompTIA Security+, Certified Information Security Manager (CISM), or similar cybersecurity certifications.
GIAC Security Essentials (GSEC) or GIAC Incident Handler (GCIH) certification is a plus.
Education:
Bachelor's Degree