SOC Senior Associate

Job SummaryThis role is part of our Managed Services team to serve as the primary responder to security events within the Security Operations Center. The ideal candidate would have a strong problem-solving skills and analytics aptitude. This role participates in security posture monitoring and threat response activities and is directly responsible for troubleshooting security events. The preferred candidate will provide the initial analysis during security incidents, establishing the extent of the threat, business impacts and then advising and performing the most suitable course of action to contain and remedy the incident. The SOC Analyst must maintain a good knowledge of the threat landscape, help enhance current capabilities and provides support in the identification of new methods of detecting threats.Job Duties · Monitor security event platforms and follow incident playbook for first response, triage, potential resolution and participate in post mortem activities as required.· Conducts network monitoring and intrusion detection analysis using various network defense tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), Azure security and audit log management etc.· Provide proactive feedback to enable improvement of the current monitoring rules, based on information and knowledge/experience· Ability to react quickly, decisively and deliberately in high-stress, high-impact situations· Creates daily, weekly, and monthly report for Security Management Team· Performs front line response and escalation tasks and updates runbooks and procedures as needed· Compile statistics and contribute to the improvement and creation of playbooks· Use public cyber security resources (e.g. sites/blogs/podcasts) to stay up to date with latest news, threats, and security analysis toolsQualifications, Knowledge, Skills and AbilitiesEducationBachelor's Degree from an accredited university, Information Technology or Computer Science major Experience· Two (2) or more years' experience within cloud technologies such as Azure, Azure Stack Azure Backups, AWS or similar cloud experience, required· Two (2) or more years' experience of network protocols, configurations, or operations required· Two (2) or more years of experience in infosec, cybersecurity, system or networking, required· Ability to triage problems, design and identify solutions and appropriately escalate issues in fast-paced environment, required· Some Experience with EDR platform or SIEM Platform(Sentinel), required· Prior experience with help desk ticketing systems and service desk management tools, preferredLicense(s)/Certification(s)· Any Security certifications, preferred (SC200 recommended)· Azure certifications, preferred (AZ104 recommended)· System / Networking certifications, preferredExperience with three or more of the following, required· Information Security tools & packet analyses tools (e.g. CB, Wireshark)· Intrusion Detection (e.g. IDS/IPS tools)· Firewall troubleshooting experience· Strong Windows and Linux experience· Internet Protocols and Services (e.g. TCP/IP, FTP, HTTPS, SSH)· Networking infrastructure· Log analysis/ Windows event analysis· Network and Host basic forensics· Antivirus solutions· Strong troubleshooting and root cause analyses skills Other Knowledge, Skills & Abilities· Strong oral and written communication skills· Excellent interpersonal and customer relationship skills· Capacity to work in a deadline-driven environment while handling multiple projects/tasks simultaneously with a focus on details· Capable of successfully multi-tasking while working independently or within a group environment· Capable of working well under pressure while dealing with unexpected problems in a professional manner· Ability to communicate technical issues with non-technical peopleMust possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard business etiquette PRB