Security Operations Center

Title: Security Operations Center Senior Threat Analyst

Duration: 24 Months

Location: Brooklyn NY (Onsite)

Working Hours: 35 Hrs/Week

Candidate must be willing to workdays nights and/or weekends depending on coverage or critical incident response needs.

Shift Schedule: Night shifts will typically occur between the hours of 6:00 PM and 6:00 AM. The night SOC analyst position will include weekend shifts.

JOB DESCRIPTION:

• Perform many critical functions within the Threat Management discipline including staffing 24x7x365 coverage at the Citys Security Operations Center (SOC) augmenting FTE shift schedules including days nights weekends and holidays.
• Interface with OTI Cyber Command teams internally with City agencies vendors and informationsharing partners.
• Monitor City networks and security alerts for intrusion attempted compromise and anomalous behaviour.
• Apply mitigation techniques or escalation factors; correlate threat intelligence across various logs collected by established security controls.
• Produce routine SOC metrics & reporting.
• Maintain situation reports (SITREPS)
• Perform weekly quality control checks.
• Works closely with SOC Director on incident preparation including the continuous development of new SOC playbooks and runbooks.

MANDATORY SKILLS:

• Minimum 8 years of experience in Threat Management/SOC/Incident Response environment.
• Ability to lead and mentor junior analysts coordinate team activities and manage SOC operations effectively.
• Prior experience working in a SOC environment is mandatory. This includes familiarity with SOC operations procedures and tools such as SIEM (Security Information and Event Management) systems intrusion detection/prevention systems (IDS/IPS) and endpoint detection and response (EDR) tools.

DESIRABLE SKILLS:

• Knowledge of cybersecurity principles practices and procedures
• Strong understanding of network and host technologies
• Experience applying techniques for detecting host and networkbased intrusion using IDS methods and technologies.
• Experience with SIEM technologies malware analysis and mitigation techniques
• Apply cybersecurity and privacy principles to organizational requirements (confidentiality integrity availability authentication nonrepudiation)
• Interpret information collected by diagnostic network tools (Netflow security event logs IDS systems etc.)
• Ability to investigate and solve complex problems.
• Excellent communication skills are crucial for effectively communicating security incidents risks and recommendations to technical and nontechnical stakeholders including SOC Director and senior management.
• Threat Hunting: Proactive threat hunting capabilities to identify and investigate potential security threats or anomalies within the environment before they escalate into incidents.
• Incident Response: Experience in incident response procedures and methodologies including the ability to analyze security incidents contain threats mitigate risks and recover from security breaches effectively and efficiently.