Job Summary:
We are seeking a motivated and detail-oriented SOC Analyst to join our Security Operations Center. As a SOC Analyst, you will be responsible for monitoring and responding to security alerts, assessing the severity of potential security incidents, and escalating issues when necessary. This role is ideal for someone with foundational knowledge of cybersecurity tools and technologies and a passion for protecting organizations against security threats. You will have the opportunity to work with cutting-edge tools such as Endpoint Detection and Response (EDR) platforms, Microsoft 365, CrowdStrike, Sentinel, and Defender.
Key Responsibilities:
Monitor Security Alerts:
* Continuously monitor the alert queue from various security tools, including EDR, Microsoft 365, CrowdStrike, Sentinel, and Defender.
Alert Investigation:
* Analyze and determine the legitimacy of security alerts, investigate the root cause, and classify incidents based on severity.
Escalation of Issues:
* Identify and escalate confirmed security incidents to senior team members for further investigation and resolution.
Collaborate with Alert Tuning Team:
* Work closely with the alert tuning team to reduce false positives by fine-tuning detection rules and improving the accuracy of security alerts.
Documentation:
* Maintain detailed and accurate records of security incidents, actions taken, and results of investigations in the incident management system.
Incident Response Support:
* Assist in the initial phases of incident response, including containment, eradication, and recovery when required.
Maintain Knowledge of Threats:
* Stay updated on the latest security threats, attack vectors, vulnerabilities, and defense mechanisms to continuously improve analysis and detection capabilities.
Qualifications:
Education:
* Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Relevant certifications or equivalent work experience will also be considered.
Experience:
* 0-2 years of experience in cybersecurity or a related field, preferably in a SOC environment.
Technical Skills:
* Basic understanding of cybersecurity principles and practices.
* Familiarity with any of the following tools: EDR platforms, Microsoft 365 Security, CrowdStrike, Sentinel, Defender.
* Knowledge of incident detection and response processes.
Soft Skills:
* Strong problem-solving and analytical abilities.
* Effective communication skills, both verbal and written.
* Ability to work under pressure and handle multiple tasks simultaneously.
* Eagerness to learn and develop new skills in cybersecurity.
Please contact Alice Armstrong at Hayward Hawk for more information.