Netsync Network Solutions SOC Analyst II in Dallas, Texas
Netsync is an award winning MSSP that provides numerous security solutions, including a 24x7 Security Operations Center (SOC). Netsync is a leader in innovation, is moving at an amazing pace, and is looking for a SOC Analyst to join a dynamic and growing team of individuals.
As a SOC Analyst Level 2, your primary responsibilities will be focused on the initial triaging and validation of incidents as needed and performing the deeper dives into events and incidents for mitigation of attacks to client networks when escalated from tier I analysts. You will act as a senior level analyst, mentoring those around you to strengthening the department. Additionally, being the technical lead for assigned clients, presenting findings to clients as required for RCA presentations and lessons learned at the closing of incidents and events. Additionally, you will help in developing processes, SOP's, workflows and runbooks.
In this role, you will have the opportunity to, not only impact, but shape the future of the SOC and MSSP team.
Roles and Responsibilities
Provide first and second level technical resolution for security events and incidents through data correlation, event attribution, and recommend and/or implementing remediation steps within Service Level Agreements (SLA's).
Perform cyber news analysis, security awareness training and recommend new methods for detecting threats within the products and platforms of the MSSP.
Participate in mentoring and knowledge sharing with other analysts to help develop various skill sets on the team.
May lead dedicated team(s) for Threat Hunting, Malware Analysis or Reverse Engineering, Digital Forensics, Incident Response, and Web Defense as required.
Establish concierge-type relationship with clients, being intimately familiar with the workings of their network for expedited analysis and remediation of events.
Perform advanced configuration audits for client environments reducing initialization vectors.
Working closely with the SOC Supervisor and Management, participate in the following:
Escalate incidents to SOC Supervisor as required by policies and procedures.
Inform or advise SOC Management on incidents and incident prevention methodologies
Document processes, procedures, operations manuals, and workflows.
Identify weaknesses in customer infrastructures and suggest improvements.
Assist in identifying opportunities to improve internal processes and tools for operational capabilities or efficiencies.
Assistance in tuning of various EDR solutions for clients to enhance endpoint hardening.
Duties as assigned
Skills and Experience
Passion for Information Security is a MUST! We firmly believe that passion is the gateway to learning and developing your skills!
Ability to take accountability for your actions and responsibilities, owning problems and tasks assigned to you and fulfilling them to completion.
3+ years of working experience in information security, technical operations, or similar capacities.
Ability to utilize CLI's across multiple operating systems for routine tasks such as identifying running processes or services, logged on users, permissions, review logs, etc.
Strong knowledge of at least one coding or scripting language to automate or enhance routinely performed tasks.
Ability to use the TTP's of the MITRE ATT&CK framework curation to strengthen network attack detections and defenses.
Ability to work in a diverse, fast-paced environment and effectively collaborate across teams.
Exceptional people skills with demonstrated ability to work with both a technical and functional audience.
In depth understanding of hardening various OS architectures such as OSX, Linux, and Windows
Experience in identifying configuration errors and providing counter measures within Active Directory environments
Solid understanding of networking and security including routing/networking and TCP-IP protocols such as SMTP, HTTP/S, POP3, IMAP, TLS/SSL, and Proxies.
Understanding of OWASP Top 10 at macro level, ability to communicate how these security risks operate and function to a non-technical audience.
Knowledge of Cyber Security compliance frameworks such as PCI DSS, SOX, HIPAA, ISO 27000-series, GDPR, and NIST.
Ability to acquire cyber security certification from MSSP approved curriculum for Threat Hunting, Network Defense, Malware Analysis / Reverse Engineering, Incident Response, or Digital Forensics within 4 months of hire date if not already certified.
Experience in a SOC, Security Analyst position, or equivalent
Minimum Qualifications/Technical and Educational Requirements
Familiarity with various Threat Intelligence networks and how to use them for data and event enrichment.
Experienced in the development of tools within multiple coding or scripting languages such as: Python, Java, C#, VBA, Vbscript, Perl, PowerShell, and BASH or other Unix Shells.
Experience with Security Information and Event Management (SIEM) tools.
Experience working in a security operations team performing incident handling, red/purple/blue team exercises.
Experience performing threat hunting, malware analysis, application hardening and defense, incident response, or digital forensics analysis within a corporate environment.
Experience with vulnerability management platforms.
Practical, hands-on industry certifications preferred from ISC2, GIAC, eLearnSecurity, Offensive Security, EC-Council, or CompTIA