Find Jobs
Sr. SOC Analyst
REMOTE, South Carolina  |  Remote
Contract to Hire Position
It appears that you have already applied to this job.
Applied on November 29, 2021
Job Id #51811 Posted November 1, 2021


The senior Managed SOC Analysts primary function is to provide professional security operations center (SOC) analysis associated with customer monitoring activities through the processing and management of incident and request tickets, as they are assigned. The role is responsible for investigating novel and complex threats, developing knowledge, playbooks, and automation.

Deeper dives into threat hunting are also in scope. The responsibilities include receiving and managing escalations from other Analysts, customers, and other internal groups, as well as managing the full incident handling lifecycle with customers. The analyst is expected to contribute to internal documentation and adherence to SLA targets and requirements. The role includes forensic log root cause analysis and interfacing with clients and associates as needed to resolve complex cases. Senor Analysts are expected to participate in and contribute to planning and implementation of strategic and operational projects in efforts to achieve overall PSS goals. Senior analysts are expected to be able to troubleshoot complex problems with little oversight, take ownership and work independently as needed to resolve customer issues.

Requirements:

  • SOC experience
  • Experience with Splunk or other security monitoring tools
  • Experience with Python, Linux Shell Scripting or Windows PowerShell Scripting
  • Must be US Citizen
  • Must be fully vaccinated by Dec 8th

Duties and Responsibilities:

  • Serve as escalation point in the SOC
  • Proactively drive hunting and analysis on behalf of multiple clients
  • Leverage internal and external resources and threat intelligence feeds to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
  • Lead incident respond in the SOC
  • Investigate novel and complex threats, then develop knowledge, playbooks, and automation.
  • Develop new use cases and playbooks/SOPs, as well as automation for recurring incidents and incident tasks
  • Improve DFIR processes and procedures to reduce false position alerts
  • Collaborate with technical and business SMEs to identify gaps to enhance security monitoring
  • Maintain Industry Training - This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques
  • Maintain Knowledge of Current Threats - Keep up-to-date on current threats by regularly reading industry-related articles
  • Enhance vSOC with advanced skill sets such as SOC automation and orchestration to optimize SOC resource allocation
  • Case Management - ensuring the case management process is handled efficiently in a timely manner by all SOC personnel
  • SOC Activity Log -creating, reviewing, and maintaining entries, working with other analysts Report Creation - creating temporary or permanent reports for customers, as requested.
  • Customer Meetings - attending and/or leading customer meetings as part of incident response and incident handling
  • Training and Mentoring SOC personnel - Security Analysts are responsible for training new SOC employees; also responsible for training and mentoring existing SOC personnel on new technologies implemented by CenturyLink; also responsible for retraining SOC personnel, if necessary
  • Tuning - regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered
  • System Maintenance - assisting SOC Engineers with maintenance on security devices, as needed
  • Projects - May lead moderately complex security projects as assigned
  • Interface with customers on a daily basis to consult with them on best security practices and help them mature their security posture
  • Gain and maintain knowledge of Customers business and technical environment
  • Communicate incidents at an appropriate level of details with all levels of the organization

Shift Responsibilities: The Security Analyst is responsible for the following shift duties:

  • Daily Traffic Review - replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst
  • Report Run Verification - ensure customer reports run as scheduled
  • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
  • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
  • Handle Tier 2 event incident response, case management, and customer notification
  • Ensure security devices contain up-to-date signatures libraries
  • Assist with engineering tasks as necessary
  • Train SOC Level 1 Analysts on new attack signatures and attack methodologies
  • Providing process and operational improvement suggestions
  • Review and update documentation (such as SOPs and TTPs)
  • Complete vendor training as requested by Management
  • Daily Case Management - the Security Analyst will review open cases and provide follow up that may be required

Qualifications:

  • Must be U.S. citizen
  • 5+ years of Information Security experience
  • Expertise experience in Splunk preferred
  • Strong understanding of security principles such as attack frameworks, threat landscapes, attacker TTPs, etc.
  • Working experience with integration with different security systems and devices
  • 3+ years coding and scripting experience in Python, Linux shell scripting or Windows PowerShell scripting etc.
  • Working experience and knowledge of SOAR platforms and solutions
  • 2-4 years of systems analysis
  • Working knowledge of Linux and syslog from CLI
  • Proven ability and past experience performing moderately complex security analysis for information technology is required
  • Excellent writing and communications skills
  • Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)
  • Ability to work in a dynamic team-centered environment

Education Preferred:

  • Bachelors Degree in Computer Information Systems or related field

Industry Certifications: All Analysts should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:

  • Certified Information Systems Security Professional (CISSP)
  • Information Systems Security Engineering Professional (CISSP-ISSEP)
  • Systems Security Certified Practitioner (SSCP)
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • Certified Security Analyst (ECSA)
  • Certified Incident Handler (ECIH)
  • CompTIA Cybersecurity Analyst (CSA+)
  • Information Technology Infrastructure Library (ITIL)
  • Cisco CCNA
  • Cisco CCNP + Security
  • GSEC
  • GCIH
  • GCIA
  • MCSE
  • Linux+

Work Experience:

  • 2-3 years of Managed Security Service Provider (preferred)
  • 3-4 years of senior SOC analyst experience
  • Threat Intelligence or Forensic background is a plus

Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.

In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact hr@horizontal.com.

All applicants applying must be legally authorized to work in the country of employment.

EQUAL OPPORTUNITY EMPLOYMENT SURVEY

What is your gender?

What is your ethnicity?

What is your Veteran / U.S. Military Status?

Do you identify with one or more of the classifications of protected veterans below?

If yes, please indicate by checking the appropriate box below

Do you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Horizontal is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Success!

You have saved your first job! To see all your Saved Jobs, click here. Or continue scrolling through jobs and bookmark openings that catch your eye and apply for those jobs later.

Return to Job Search
Close

We’re sorry!

There are currently no open positions in your location or accepting applications from out of the country

Return to Home
Close
X
Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.
Confirm