Job Summary:
The SOC Analyst is responsible for administrating and supporting client's operating system environments according to best practices, while ensuring high levels of system availability and performance, oriented to support Security Threat incidents.
Responsibilities:
Provide continuous L1/L2 monitoring of security events and alerts using SIEM tools. Analyze and correlate security data to identify potential threats and vulnerabilities Perform real-time analysis of security alerts to assess severity and impact. Detect, investigate, and respond to security incidents promptly. Participate in containment, eradication, and recovery activities. Utilize threat intelligence feeds to stay updated on the latest threats. Collaborate with IT teams to remediate vulnerabilities based on risk. Manage and configure security tools such as firewalls, IDS/IPS, endpoint protection, and SIEM platforms. Understand services of MS Windows Server OS & Linux OS, such as DNS, AD, and CA. Proactively ensure the highest level of systems and infrastructure availability. Work with client teams to resolve operating system, availability and performance related issues. Work closely with and in support of the IT Service Desk, Engineering team and vendors to expedite issue resolution. Proper administration of assigned tickets including, documentation, updating, managing ticket performance. Identify opportunities for alert reduction and automation. Document all security incidents, including detection, analysis, and response actions. Contribute to the enhancement of Standard Operational Procedure documentation. Skills and Experience:
Experience: Minimum of 1+ years of experience in related field. Education: Computer Science, Engineering, IT bachelor's degree or equivalent working experience. CompTia Security Plus or CCNA CyberOps Associate knowledge. Certified preferred Microsoft AZ-500, SC-200 or SC-300. Certified preferred Technical Skills: Basic knowledge of the ITIL framework. Basic knowledge in infrastructure operations management, with knowledge in backup, antivirus, and patching. Basic knowledge of Active Directory services. Familiar with cloud computing concepts and basic operations. Basic windows server administration (v. 2012-2022) with basic knowledge of networking and Linux. Basic knowledge in virtualization technologies (eg. VMware). Be familiar with Microsoft Office 365 & Email security applications. Basic knowledge of Disaster recovery techniques. Be familiar with Security Incident management Be familiar with security appliances and solutions such as IPS, IDS, Firewall, SIEM, and EDR solutions is preferred. Be familiar with IT Security Auditing. Be familiar with IT Security threat hunting process or Indicator of Compromise (IOC)-Based Hunting. Be able to process logs from several different sources such as IDS/IPS, network devices, cloud services and/or Servers to correlate security incidents. Be familiar with IT Security Standards such as NIST CSF, ISACA COBIT, CisControls, ISO-27000, is a plus. Required Technical Proficiencies: Monitoring & analysis tools Incident Response and handling techniques Malware analysis Language Skills: English – Spanish Language (Oral and writing 85 % or higher), (B2+ or above). #J-18808-Ljbffr