The successful candidate for the Security Operations Center (SOC) Engineer role will help coordinate and report on cyber incidents impacting Avalara’s products, services, and enterprise infrastructure. You will work with world-class staff and tools to identify, monitor, and address attacks and malware, while participating in building a next-generation Security Operations Center (SOC).
You’ll be responsible for assessing ambiguous situations and data, applying security concepts, determining legitimacy, and leading investigations through closure. You will apply your strong enterprise IT background by analyzing data from Avalara’s ecosystem of tools, systems, and architectures to assist in incident response, threat hunting, and data analysis. This role involves critical responsibilities within Incident Response procedures that must continue to be performed during crisis situations.
- Responsible for working in a 24x7 Security Operation Center (SOC) environment.
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide Incident Response (IR) support when analysis confirms an actionable incident.
- Provide threat and vulnerability analysis as well as security advisory services.
- Analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Investigate, document, and report on information security issues and emerging trends.
- Integrate and share information with other analysts and other teams.
- Other tasks and responsibilities as assigned.
- Knowledge of various security methodologies and processes, and of technical security solutions (e.g., firewalls and intrusion detection systems).
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
- Knowledge of common Internet protocols and applications.
- Familiarity with SIEM and other log aggregation and correlation tools.
- Excellent written, verbal, and presentation skills are required.
- Strong analytical and organizational skills are essential.
- Must be able to work autonomously as well as in team environments, often in stressful, high-impact situations.
- 1+ years' experience as a Security/Network Administrator or equivalent knowledge.
- Experience with a variety of cloud providers, such as AWS.
- Scripting experience and SQL knowledge are highly desirable.
- GCIA, GCIH, or other related certifications.