• Security
  • Remote

RESPONSIBILITIES

  • Provide escalation support for incidents escalated by SOC 1 Analysts.
  • Manage incidents and tickets for SOC customers.
  • Work closely with the Threat Hunting Team and SOC Analysts to communicate findings with customers.
  • Meet with customers on a regular basis to review the Cybersecurity GRC program.
  • Report to the SOC Manager and provide ongoing feedback to the SOC Manager to improve the Cybersecurity GRC offering to customers.
  • Provide feedback to improve automations and playbooks for SOC customers.
  • Meet regularly with SOC team members.
  • Attend virtual training sponsored by Driven for select Cyber Security tools.
  • Assist the SOC team in onboarding new SOC customers and offboarding SOC customers.
  • Communicate results of investigations to customers and log responses and time in ConnectWise.
  • Develop GRC reporting for SOC customers and present reports to customers.
  • Perform administrative duties on SOC toolsets (Cortex XDR, XSOAR, LogRhythm, Cisco XDR, Splunk, etc.).
  • Review Cybersecurity tools/scans/reports and propose action plans to customers.
  • Attend monthly and quarterly business reviews with customers.
  • Actively update documentation for SOC customers on Confluence.
  • Log time to ConnectWise daily.
  • Manage all security situations in a professional and courteous business manner with an emphasis on customer satisfaction, while keeping the customer abreast of expectations, problem status and completion.

REQUIREMENTS

  • 5+ years of experience as a Security/Cyber/Network Analyst.
  • Experience working with XDR and MDR toolsets.
  • Excellent written and verbal communication skills.
  • Direct experience in Security Operations Center work, Network Event Analysis, Threat Analysis, and/or Intelligence Analysis.
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems).
  • Ability to analyze endpoint, network, and application logs.
  • Knowledge of common Internet protocols and applications.
  • Experience as a system administrator (preferred but not required).

To apply for this job email your details to resumes@thewoodsgroup.net