SOC Analyst L3
Job details
• To support customers in defending, responding, reporting, mitigating, and restoring enterprise systems before, during, and after any attempts at exploitation.
• Tier 2 SOC analysts pick up investigations where Tier 1 left off, pursuing all leads identified in the first phase of the incident to eliminate the possibility of false positives. What separates a BR Tier 1 analyst from a BR Tier 2 analyst is 5 years of experience and incident leadership. Tier 3 analysts act as SMEs, bringing 10 years of experience to their role.
• Monitor the organization's SIEM and security-related devices such as Firewall, IDS, EDR, and DLP.
• Process data collected from various sources to assist in cyber investigations, such as system logs, application logs, firewall logs, and packet captures.
• Perform network assessments and forensic analysis when directed.
• Assist Tier 2 and Tier 1 with cyber security-related incidents and handle all incidents escalated to them.
• Analyze internal operational architecture, tools, and procedures for ways to improve performance.
• Collaborate with development organizations to create and deploy the tools needed to achieve objectives.

Requirements:
• 7+ years of professional experience as a technical subject matter expert.
• A bachelor's degree in a related field (IT, engineering) is preferred.
• Proven experience in or knowledge of TCP/IP, MITRE ATT&CK, and the Cyber Kill Chain.
• Advanced knowledge of security management and monitoring tools such as Splunk, as well as IT ticketing systems.
• Strong working knowledge of Carbon Black EDR or other EDR products.
• Working knowledge of IT ticketing systems and case management tools such as TheHive or Resilient.
• Good understanding of network and system architectures, HLD, and LLD.
• Experience on Linux and Windows operating systems.
• In-depth knowledge of security devices and applications such as DLP, Endpoint Security (Carbon Black), and Firewalls, as well as authentication services like ACL, TACACS, and RADIUS.
• Strong understanding of Change Management and Incident handling.
• Working knowledge of NIST Security Control Standards.
• Desired certifications: CEH, GCIA, CCNA, CCNP, ITIL.