SOC L2 Analyst

SOC Analyst
Onsite in Charlotte or Detroit for Hybrid model 3 days a week
Duration : 24months with possible extension
Interview : ** Video conference interview; provide location and best time to interview.


Mandatory skills : ** SOC Analyst**: ** Azure/AWS security experience GCIA GCIH or other GIAC certifications preferred; ** Experience in Security Operation Center/Incident response; **Splunk practical experience. ** Able to participate in a rotating OnCall schedule for afterhours information security events / incidents; **Good communication skills customer facing calm even demeanor when challenged proactive team player who works well with others and work well collaboratively. Able to challenge respectfully and look for opportunities for continuous improvement. Able to mentor and coach junior team members

Job Description

Position Description

The SOC L2 Analyst position is a valued member of the Information Protection and Risk Management team. The Analyst is part of the SOC (Security Operations Center) team and works closely with other members of the IPRM program to develop and implement a comprehensive approach to the management of security risks.

This role is responsible for working with other Security Operations Center team members in responding to security events according to established policies and best practices.

Job Responsibilities

• First level response for real time security alerts and events
• Assist the Incident Response team in handling security events / incidents
• Perform complex security investigations and root cause analysis
• Data mining through use of SIEM or other data analytics solutions
• Perform phishing investigations and response
• Report generation around security events and metrics
• Ensure that all security events are properly documented/tracked to meet audit and legal requirements
• Develop documentation in support of response processes and/or procedures
• Determine level of event severity and escalate as necessary
• Participate in a rotating OnCall schedule for after hours information security events / incidents

Qualifications

• Azure/AWS security GCIA GCIH or other GIAC certifications preferred
• Practical understanding of network protocols and operating systems
• Broad understanding of security mitigation solutions at all layers
• Minimum of four years information security specific experience
• Bachelors degree in information systems or equivalent experience
• Ability to analyze large data sets to identify trends/anomalies indicative of malicious activity
• Good understanding of application logic flow
• Understanding or background in code development
• Awareness of the current threat landscape
• Selfdriven and motivated with a strong passion for cybersecurity
• Excellent verbal and written communications skills
• Excellent problem solving and troubleshooting skills with a strong attention to detail
• Ability to interact with personnel at all levels across the organization and to comprehend business imperatives
• Ability to thrive in a fastpaced environment and capable of working under pressure