Responsible for monitoring security alerts, analyzing security events, investigating incidents, and implementing incident response procedures. They work closely with other SOC team members to triage alerts, conduct initial investigations, and escalate incidents as necessary.
- Relevant industry certifications are preferred, such as:
  - CompTIA Security+
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Ethical Hacker (CEH)
  - GIAC Security Essentials (GSEC)
  - CompTIA Cybersecurity Analyst (CySA+)
  - EC-Council Certified Security Analyst (ECSA)
  - Cisco Certified CyberOps Associate (CCNA CyberOps)
  - Certified SOC Analyst (CSA)
Tools:
- Security Information and Event Management (SIEM) Systems:
  - Splunk
  - IBM QRadar
  - LogRhythm
  - ArcSight
- Endpoint Detection and Response (EDR) Platforms:
  - CrowdStrike Falcon
  - SentinelOne
  - Carbon Black
- Network Traffic Analysis:
  - Wireshark
  - Zeek (formerly Bro)
  - tcpdump
- Vulnerability Scanning Tools:
  - Nessus
  - Qualys
  - Rapid7 InsightVM
- Email Security Gateways:
  - Proofpoint
  - Mimecast
  - Cisco Email Security
Job Type: Full Time
Job Location: Remote