C4 Technical Services

Sr. SOC Analyst

C4 Technical Services, Minnesota Lake, Minnesota, United States, 56068


Senior SOC Analyst

Location: US or Nearshore

This role is pivotal in supporting and enhancing the client's Security Operations Center (SOC). The Senior Security Analyst focuses on three key areas: (1) actively contributing to the operational effectiveness of the SOC within the client's managed security services framework; (2) playing a critical role in the analysis and resolution of security alerts, escalations and incidents, working collaboratively with client operations teams and external teams; (3) participating in regular security reviews with clients, providing expert insights and recommendations to maintain an optimal security posture.

ESSENTIAL RESPONSIBILITIES

Incident Response and Analysis: Takes a primary role in identifying, categorizing, and responding to security events and incidents escalated from the SOC team. This involves detailed analysis, timely response, and coordination with other teams for cross-functional incidents. The Senior Security Analyst ensures incidents are thoroughly documented, including lessons learned, to improve future responses.

Process Optimization and Threat Analysis: Regularly reviews existing security operations processes, tools, and protocols for efficiency and effectiveness. Based on findings, feedback, and the evolving threat landscape, the Senior Security Analyst recommends and implements improvements. This also includes staying current with the latest SOC technologies and methodologies.

Security Tool Management: Directly involved in the configuration, operation, and tuning of various security tools, such as the client's security platform. The Senior Security Analyst ensures these tools are optimally configured for current security needs.

Training and Skill Development: Actively participates in training and skill development activities, both as a learner and as a mentor for junior SOC team members. Engages in simulation exercises, such as red-team exercises, to sharpen incident response skills and knowledge.

Reporting and Communication: Contributes to the development of comprehensive reports on the SOC's performance, focusing on incident analysis, response times, and resolution efficacy. Ensures that reports are insightful, actionable, and communicated effectively to stakeholders.

Collaboration and Team Support: Works closely with the SOC team, providing technical expertise, insights, and support. Assists in mentoring and coaching team members, fostering a collaborative and skilled team environment.

REQUIRED EXPERIENCE

Minimum of 6 years in cybersecurity roles, with significant experience working in a Security Operations Center (SOC). Experience in a Managed Security Service Provider (MSSP) or a large-scale global SOC is highly preferred.

A proven track record of actively participating in managing and resolving security incidents.

Strong knowledge of major cloud provider technologies (AWS, Azure, etc.), with a focus on their security aspects.

Solid understanding of networking protocols and infrastructure design, including cloud infrastructure, routing, firewall functionality, host- and network-based intrusion detection systems, encryption, load balancing, and related network protocols.

Experience with virtualization technologies such as VMware and Microsoft Hyper-V.

Experience working in regulated environments such as HIPAA or PCI is preferred, with a focus on compliance and security best practices.

Demonstrated ability to manage time effectively, with experience participating in projects and coordinating with various stakeholders.

Excellent communication skills are essential, with the ability to contribute to security reviews with clients and to communicate key security issues, risks, and incidents effectively to stakeholders.

Tools and Technologies Expertise:

Proficient in using Security Information and Event Management (SIEM) systems.

Skilled in operating Intrusion Detection and Prevention (IDS/IPS) and Endpoint Detection and Response (EDR) tools.

Familiarity with Network Detection and Response (NDR).

Experience using network analysis tools such as Wireshark and tcpdump.

Competency in scripting languages such as Python, Bash, or PowerShell.

PREFERRED CERTIFICATIONS

One or more of the following certifications are preferred.

CISSP - Certified Information Systems Security Professional

CEH - Certified Ethical Hacker

CompTIA Security+

OSCP - Offensive Security Certified Professional

GSEC - SANS GIAC Security Essentials

#DICEnkraft@c4techservices.com