Are you an experienced Security Operations Center (SOC) Analyst looking for endless possibilities and growth? Do you have a passion for security and protecting your environment from attackers? DruvStar is a growing company looking for creative and curious individuals looking to make the world a better place. As a Tier II SOC Analyst you will be part of the Security Operations Team that is focused on protecting our clients from the bad guys. The primary function of this position is to investigate, identify and report on cyber threats. You act as a key resource during incident response efforts, assists with classifying security events, develop remediation guidance, support documentation and client reporting deliverables, and assists with system security compliance.
- Provide security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC) that supports internal and external customers
- Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals
- Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents
- Provide proactive “threat hunting” to detect incidents
- Tune rules and thresholds to improve fidelity of alerts
- Prepare reports of analysis and results to provide briefings to management and clients
- Provide Incident Response support when analysis confirms actionable incident
- Investigate, document, and report on information security issues and emerging trends.
- Mentor junior staff and interns
- Experience with Security Operations Center, network event analysis and/or threat analysis
- Experience working on an Incident Response Team
- Knowledge of various security methodologies and technical security solutions
- Experience analyzing data from cybersecurity monitoring tools
- Ability to analyze endpoint, network, and application logs
- Experience tuning and/or configuring SIEM and vulnerability tools
- Knowledge of common Internet protocols and applications
- Scripting experience in Linux or PowerShell preferred
- Bachelor’s degree in Computer Science, Information Technology or equivalent experience.