Who We Are
The Role
Serve as the first line of defense in protecting Solera's information systems from internal and external threats by conducting analysis of security events, including validation, escalation and reporting of events of interest based on the guidelines and event handlers provided. The SOC Analyst will be responsible for all events of interest and will make sure they are continuously monitored and reviewed.
What You'll Do
Monitoring and analysis of cyber security events
Services monitored will include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Application Firewalls and Data Loss Prevention (DLP)
Security event correlation and reporting to the appropriate Tier 2 Security Analyst, Incident Response staff or other relevant sources to determine increased risk to the business
Recognize potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Work with the Incident Response team to help create RCAs for events escalated to incident level
Development and execution of Standard Operating Procedures, Event Handlers and Job Aids required for successful task completion
Actively participate in incident resolution, even after incidents have been escalated
Keep the assigned ticket queue up to date.
Adapt to the different platforms used within Solera
Job Schedule: 24x7 shift environment.
What You'll Bring
Bachelor's degree or equivalent in computer science, computer engineering (preferred) or verified security training path (at least 8 months combined)
2 years' experience within a security team; at least 1 year of SOC experience is a MUST
Security Operations Center (SOC) environment and incident monitoring experience is a MUST
Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation
Excellent analytical and problem-solving skills
Experience with technical writing
Possess an understanding of security standards and risk management
Possess the ability to adjust and adapt to changing priorities in a dynamic environment
Be able to multi-task and be proactive in addressing issues and requests
Possess technical acumen and the ability to understand and interpret technical specifications
Experience with one of the following security tools is a plus:
CrowdStrike
O365 Security
AWS Security Hub
Azure Defender / Security Center
Splunk
ELK
Language requirements: English speaking, writing and reading proficiency (85% at least)
Soft Skills
Strong research skills
Communication skills across multiple teams and team members in different countries
Collaboration across multiple teams and team members in different countries