About Us
Thrive is an innovative technology solutions provider focused on Cyber Security, Hybrid Cloud, Global Network Management, Disaster Recovery, and traditional Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon NextGen services help us stand out among our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at ‘a job’ but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a work hard, play hard environment and seek the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE!
Position Overview
With a growing client base, Thrive is continuing to build out its security team. We are looking to hire a SOC Analyst 1 to take a role within our Security Operation Center to assist with continuously monitoring and improving our customers' security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents utilizing technology and well-defined processes and procedures. The ideal candidate will have a passion for information security and will value what a properly managed security monitoring solution can bring to our client needs.
Primary Responsibilities
* Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases.
* Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform analysis of exploits.
* Proactive monitoring and response of known and/or emerging threats.
* Carry out Thrive’s information security strategy both internally and externally for 400+ clients in the northeast.
* Analyze data from our SOC and SIEM and determine if further analysis is needed.
* Work within Thrive’s security standards and best practices and recommend future enhancements.
* Manage our clients’ security awareness training to help their end users be as safe as possible.
* Analyze vulnerability scans and determine remediation steps.
* Stay abreast of security events and techniques to keep our clients protected.
* Build awareness through training and education.
Qualifications
* Knowledge of the following systems and technologies:
o SIEM (Security Information and Event Management)
o TCP/IP, computer networking, routing, and switching
o IDS/IPS, penetration and vulnerability testing
o Firewall and intrusion detection/prevention protocols
o Windows, UNIX, and Linux operating systems
o Network protocols and packet analysis tools
o EDR, Anti-virus, and anti-malware
o Content filtering
o Email and web gateway.
* Understanding of cybersecurity threats, and experience with incident response standards and procedures.
* Demonstrates comprehension of good security practices.
* Professional experience in a system administration role supporting multiple platforms and applications.
* Ability to communicate network security issues to peers and management.
* Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders.
* Computer Networking & Security
* Vulnerability Discovery and Analysis
* Operating System Internals
* Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.).
* Excellent Written and Verbal Communication Skills.
Preferred Skills:
* Knowledge of common Windows and Linux/Unix system calls and APIs.
* Understand Anti-Virus.
* Knowledge of programming languages.
* Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.).
#J-18808-Ljbffr