OpTech

SOC Tier 1 Analyst (1/2)

OpTech, Michigan Center, Michigan, United States, 49254


Why work at OpTech? OpTech is a woman-owned company that values your ideas, encourages your growth, and always has your back. When you work at OpTech, not only do you get health and dental benefits on the first day of employment, but you also have training opportunities, flexible/remote work options, growth opportunities, 401K and competitive pay. Apply today! OpTech is an EOE; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. https://www.optechus.com/eeo_self_identification/

The Security Operations Center is responsible for providing 24/7, 365 monitoring, detection, and response capabilities for our client. This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process. The Tier 1 SOC analyst primarily serves as the initial triage and investigation point for the SOC and would escalate incidents on an as needed basis.

The Tier 1 Security Operation Center (SOC) Analyst is responsible for proactively monitoring and performing initial triage / investigation of security incidents and alerts to identify any malicious activity. Besides the initial triage and investigation, Tier 1 Analysts are expected to escalate security incidents according to defined escalation policies to Tier 2, Tier 3, and SOC leadership for further investigation / response.

Duties/Responsibilities:

SOC Analysis
- Monitor security incidents for the endpoint, network, and cloud domains as generated by the SIEM tool and ticketing system.
- Perform initial triage and investigation of incidents assigned through the ticketing system, following established playbooks for specific incident types.
- Respond to, mitigate, and eradicate security threats, with guidance from Tier 2 and Tier 3 analysts as well as SOC leadership.

Documentation and Support
- Provide consistent, quality documentation of the actions taken to triage and investigate incidents.
- Assist senior staff in developing documentation and knowledge management articles for the SOC.
- Handle sensitive information in accordance with the Corporate Information Protection Policy.
- Collaborate with other Engineering and Operations teams to troubleshoot, respond, and improve detection capabilities.

Skills:
- Solid understanding of cybersecurity concepts and frameworks.
- Proven, excellent analytical skills.
- Working knowledge of tools such as SIEM / IT ticketing technologies, EDR, email gateways, and malware analysis sandboxes.
- Understanding of networking (TCP/IP networks and protocols) concepts.
- Understanding of phishing and malware techniques.
- Strong written and oral communication, documentation, and organizational skills.
