SOC Analyst

Managed Services Cincinnati, Ohio


Description

SOC Analyst

SOC Analysts at RoundTower monitor customer environments and perform Incident Detection, Validation, and Incident Reporting. SOC Analysts are the frontline of SOC and are customer-facing representatives. SOC Analysts are responsible for triaging events, incidents, and reporting validated incidents to the customer for incident response.  Incumbents will possess strong technical and analytical skills while providing accurate analysis of security related problems.  They have a well-rounded networking background and are responsible for performing troubleshooting of customer issues.  This individual is user focused and works to resolve client needs in a timely manner.  These needs may involve resolving hardware/software failures, investigating and responding to security threats, and making change request to the security policy of company devices.

Role and Responsibilities: 

  • Monitor the SIEM for suspicious events and anomalous activity
  • Provide first level response for security events
  • Triage events for criticality
  • Conduct proactive threat research 
  • Validate suspicious events and incidents by using open-source and proprietary intelligence sources 
  • Document and manage incident cases in our case management system 
  • Report incidents to the customer 
  • Interface with customers to resolve issues, provide additional information, and answer questions related to incidents and monitoring 
  • Keep up-to-date with information security news, techniques, and trends 
  • Become proficient with our SIEM as an analyst 
  • Become proficient with ServiceNow as an analyst
  • Become proficient with third-party threat intelligence tools as required
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Incident management, response, and reporting
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client

Position Requirements:

  • Experience in Information Security
  • Strong communication skills written and oral
  • Experience with SIEM, IDS/IPS, Firewall, and anomaly detection tools
  • Experience with Incident Management
  • Must demonstrate ability to solve practical problems and deal with a variety of variables in situations where only limited standardization exits
  • Perform with minimal supervision of routine duties
  • Able to handle multiple task simultaneously
  • Knowledge of Linux and Windows operating system
  • Understanding of network management concepts and software
  • A hunger to consistently hone and grow your skills and technical certifications.
Night Shift 7 pm-7 am