Senior SOC Analyst (SOC III) in Work At Home at Teleperformance US

Date Posted: 6/26/2020

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    5295 Commerce Drive
    Work At Home
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    6/26/2020

Job Description



The focus of the Senior SOC Analyst (SOC III) is to proactively investigate security events in an effort to identify artifacts of a cyber-attack. They will also be expected to participate in several different areas within Security Operations and Incident Response process; these activities can include digital forensics, use case development, security control testing, and hunt plan development. The SOC III Analyst will use data analysis, threat intelligence, and cutting-edge security technologies. Working within the Security Operations Center team, the SOC III Analyst is responsible for reviewing system log events and data packets to proactively detect advanced threats that evade traditional security solutions The SOC III Analyst will ensure that new environments are identified and understood to enable accurate and actionable reporting for other tiers. SOC III Analyst will also participate in developing processes, procedures, training, etc. for new technologies. The candidate must have a curious investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences.

Job Duties and Responsibilities:

● Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs)

● Capture intelligence on threat actor TTPs/IOCs and coordinate with SecOps pods to develop countermeasures

● Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from a variety of security sensors

● Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools

● Compile detailed investigation and analysis reports for internal SecOps consumption and delivery to management

● Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts

● Develop advanced queries and alerts to detect adversary actions

Job Requirements

Qualification:

●  5+ years of experience in Information Security (Required)

●  2+ years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM, and malware triage (Required)

●  Experience with packet analysis and usage of deep packet inspection toolsets.

●  Knowledge and experience working with the Cyber Kill Chain Model, Diamond Model or MITER ATT&CK Matrix. (Required)

●  Familiarity with EDR/SOAR/Anomaly detection solutions

●  Prior experience working with in the following areas: (Desired)

o  Computer Incident Response Team (CIRT)

o  Computer Security Incident Response Center (CSIRC)

o  Security Operations Center (SOC)

●  Experience with APT/crimeware ecosystems (Desired)

●  Industry certification such as the following: (Desired)

o  SANS (GCIH, GPEN, GWAT, GXPN, GCFA, GCFE, GREM)

o  Offensive Security (OSCP, OSWE, OSCE, OSEE)



Additional relevant information:

●  Personality is a BIG factor…they need to be able to communicate openly and clearly with other people on the team, leadership, coworkers

●  Candidate should possess a curious investigative mind, an interest in information security, and new & innovative technologies.

Work environment (culture, team size etc.):

●  Global, very collaborative, dynamic, can be demanding in terms of the critical nature of the business

Experience:

●  Forensic analysis: 1 year (Required)

●  Cyber Security: 5 years (Required)

●  DNS: 1 year (Preferred)

●  Malware Analysis: 1 year (Preferred)

●  Root cause analysis: 1 year (Preferred)

●  Threat Analysis: 1 year (Required)

Education:

●  Bachelor's (Preferred) or relevant work experience

Not Ready to Apply?

Joining our Talent Network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.