
Job

Lead SOC Analyst

  • Location:

    Remote

  • Sector:

    Technology

  • Job type:

    Permanent

  • Salary:

    Competitive

  • Contact:

    Greg Farris

  • Contact email:

    g.farris@hamlynwilliams.com

  • Salary high:

    0

  • Salary low:

    0

  • Published:

    11 days ago

  • Expiry date:

    2023-07-15

  • Startdate:

    ASAP

ABOUT The Firm:

The Firm is a new managed security services provider, backed by ForgePoint Capital, that serves small-to-medium businesses in the US and Latin America. Our mission is to provide bundled, value-added security services. The Firm offers competitive pay, medical, dental, and vision insurance, 401k with employer matching, and paid time off.

NOTE: All applicants must be able to pass a background check and work in the US without the requirement of sponsorship.


POSITION DESCRIPTION:

As a member of the Firm's Security Operations Center, the Lead SOC Analyst provides incident response and analysis, remote support, and health monitoring to customers in a 24x7x365 SOC environment, and acts as a mentor and technical resource to other SOC Analysts.

The Lead SOC Analyst will be a part of a Managed Security Services offering which integrates and delivers products as-a-service to our customers. The Lead Analyst works closely with other Analysts, Engineering staff, and clients to complete high profile, critical services to existing Managed Security Service clients, and to on-board new clients as necessary.

  • Serve as an experienced technical lead for SOC customer incidents, taking ownership of client support issues and tracking them through resolution when incidents exceed the knowledge or skill of Tier 1 Analysts.
  • Provide Tier 2 support (and Tier 1 as needed) for SOC customers, following processes and interacting appropriately with other analysts, customers, and partners when required.
  • Be a technical expert in the firm's MSS platform, and mentor others with your expertise.
  • Be responsible for the technical on-boarding of customers to the platform, working with the SOC Manager and Customer Success Managers to raise and troubleshoot issues.
  • Explain and demonstrate how to use Enterprise Security products, and the platform we offer, to both technical and relatively non-technical personnel.
  • Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.
  • Implement and configure software and appliance-based products in enterprise environments.
  • Perform ad-hoc or scheduled threat hunting, using intelligence gained from reputable information security sources or internal customer data.
  • Must be able to work during US Pacific Time business hours.


Qualifications (Required):

  • Excellent (fluent/native) written and spoken English.
  • Experience in the Information Security field, typically gained through 5+ years of work in a Security Operations Center, Managed Security, or client network environment.
  • Demonstrated experience handling security incident analysis and response.
  • College degree or equivalent work experience.
  • Advanced information security knowledge in a number of areas, including:
    • SIEM configuration and management
    • Log collection
    • Network traffic analysis
    • User behavior monitoring
    • Malware mitigation
  • Understanding of network architecture and implementation is a must; the ideal candidate will have worked in network security analysis.
  • Excellent time management, reporting, and communication skills.
  • Superior IT problem-solving skills.
  • Eligibility to obtain a security clearance.
  • Schedule flexibility, including the ability to provide on-call support when needed.


Qualifications (Desired):

  • Excellent (fluent/native) written and spoken Spanish.
  • Demonstrated experience and success in a Managed Service client environment.
  • Experience working with internal and client ticketing systems for incident and problem tracking (e.g. ServiceNow, Remedy, ConnectWise, Zendesk).
  • General security knowledge, evidenced by CySA+, Security+, CISSP, CEH, Cisco Security, or other security certifications.
  • An understanding of a wide array of server-grade applications, including Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
  • Knowledge of any programming language for the purpose of automating tasks.