We are looking for a L2 SOC Analyst to join the DATASHIELD Advanced Security Operations Center. Your primary responsibilities will be analyzing and finding threats in various systems, including Splunk, RSA Netwitness, Cofense Triage, and Mimecast/Proofpoint.
We are searching for a Senior Security Analyst with extensive experience in network forensic analysis and incident response. The preferred candidate should also be able to identify root cause of compromised systems utilizing full packet captures of network activity and log data. Candidate must be able to work with a team and coordinate work actions with that team.
Desired Background / Skillset:
- Minimum three years’ experience performing incident response with an emphasis on system compromise analysis
- Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
- Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
- Experience analyzing both log and packet data, including the use of Wireshark, tcpdump and other capture/analysis tools
- Ability to perform network-based forensics and log analysis
- Strong understanding of incident response methodologies and technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
- Participate in on-call rotation
- Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogRhythm etc.
- Experience with network monitoring tools such as RSA Netwitness and Bluecoat Security Analytics is a plus
- Malware analysis and reverse engineering is a plus
- Technical certifications considered an asset are: CISSP, GCIH, GCIA, GCFA, GPEN, CEH, CCNA, CCNP
- Candidate must be reliable and able to function as part of a 24x7 operations center.
Desired Education Level:
Bachelor's Degree or Equivalent Experience