Level 3 SOC Analyst at Gardner Resources Consulting
Atlanta, GA
About the Job
We are seeking Level 3 SOC Analysts who will be responsible for the identification and tracking of potential security incidents across our clients' enterprise
The SOC Senior Analyst is essential, as you are part of the first line of defense for the Information Security Team
The SOC Senior Analyst position is responsible for training new SOC analysts, assisting in intricate cyber security investigations as part of Threat Response activities, facilitating escalation of cyber security Incidents according to a well-documented Incident Response plan, creating, maintaining & updating SOP documentation for SOC Threat Response playbooks, metrics reporting, and ensuring correct analysis for the cyber
Day to Day: Perform thorough investigative analysis of potential cyber security threats based on log review and event correlation, documenting results as a timeline that can be read and understood by both technical and non-technical personnel
Review ongoing or completed investigations performed by Level 1 / Level 2 SOC Analysts for potential escalation and/or provide analysis feedback to the Analyst and SOC Manager
Work alongside senior security engineers and architects to deliver superior security services
Develop, enhance, and operationalize processes to ensure quality of triage
Assist with the development, measurement, analysis, and maintenance of internal and external service metrics for Security Operations, providing timely reports to leadership teams
Leverage the metrics to make better informed decisions on improving the organization's capability and functionality
Lead, coordinate, and train others on effective analysis of security alerts
Work with Alert & Detection engineers (OCE) on new alert creation, validation, and tuning
Collaborate across various business units to deliver the most comprehensive security response to internal customers.
Must Haves: 5+ years' experience working as a Level 3 SOC Analyst
Practical experience in the triage function within a Security Operations Center, preferably in an MDR/MSSP or complex environment
Continually learning new attack vectors, new threats, and security framework expertise
Strong and demonstrated ability to define effective security processes
Ability to identify opportunities for improvement in current processes and roll out the necessary changes
Strong and practical knowledge of industry adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, PCI-DSS, etc.).
Experience with the following information security technologies and principles:
• SOAR
• SIEM
• EDR
• Email Filtering
• Log Analysis
• Proxies
• Malware sandboxing
• AV Solutions
• DLP
• UEBA
• MITRE ATT&CK / Kill Chain analysis
• Authentication
• Cloud Technologies
• Scripting or programming languages
• Familiarity with OS processes on Windows, Linux, and macOS
Education
• Undergraduate degree in information systems or computer science (Required)
• Advanced degree in engineering, Cybersecurity, information assurance, information security, information systems or computer science (Preferred)
Certifications: There are no certification requirements, but strong consideration will be given to those with the following or similar:
• SANS / GIAC
• CompTIA
• ISC2
• ISACA