Position Summary:
The OT Security Operations Center (SOC) Analyst provides technical knowledge and analysis in responding to security incidents. The ideal candidate will manage 24/7/365 monitoring of critical assets, investigate potential incidents, mitigate security risks, and research cyber-attacks, malware, and threat actors. The OT SOC Analyst will analyze network traffic, identify attack activity, document incident response activities, and communicate effectively with internal and external stakeholders.
Major Duties and Responsibilities:
- Monitor network traffic for anomalies and tag and log new trusted subnets as they come online.
- Research cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance. Analyze network traffic to identify attack activity.
- Utilize all SOC management tools and technologies.
- Document anomalies and critical alerts, activities, and lessons learned. Ensure thorough and accurate recording of all incident response actions and findings.
- Effectively communicate incident response activities to relevant stakeholders, including technical teams, senior management, and customers.
- Plan, implement, upgrade, or monitor security measures for the protection of OT networks and information. Ensure appropriate security controls are in place to safeguard digital files and vital electronic infrastructure.
- Maintain the SOC infrastructure lifecycle, including architecture, design, implementation, and maintenance.
- Respond to security breaches, ensuring swift and effective mitigation to minimize impact.
- Assist with yearly audits as necessary to adhere to EverLine standards.
- Develop proposals for customer RFPs and buildouts.
Knowledge, Skills, Abilities, and Other Personal Characteristics:
- Good verbal and written communication skills.
- Ability to provide an excellent customer service experience.
- Understanding of SIEM technologies, network monitoring methodologies, and threat tactics.
- Active Directory and operating system (Windows and Linux) troubleshooting experience (install, configure, troubleshoot, and upgrade hardware and software, etc.).
- Knowledge of two-factor authentication and identity and access management tools.
- Understanding of malware, phishing, and spam analysis and cleanup processes.
- Ability to learn and accept constructive feedback.
- Self-motivated, responsible, organized, and a team player.
- Knowledge of networking concepts (VoIP, routing, DHCP, DNS, TCP/IP) is desirable.
- A minimum of 1-3 years of experience in a Security Operations Center (SOC) environment.
- Strong technical knowledge in responding to security incidents and performing forensic analysis.
- Expertise in investigating potential intrusions and security events.
- In-depth understanding of cyber-attacks, malware, and threat actors.
- Proficiency in analyzing network traffic and identifying attack activity.
- Excellent documentation skills for recording incident response activities and lessons learned.
- Strong communication skills to effectively convey incident response activities to various stakeholders.
- Ability to plan, implement, upgrade, or monitor security measures for network and information protection.
- Preferred certifications: GIAC Security Operations Manager (GSOM), CISSP, CISM, CompTIA CASP+, or CompTIA Security+.
Work Environment:
The employee will work predominantly in an office environment, utilizing standard office and computing equipment. Standard work hours with an on-call rotation.
EverLine adheres to a hybrid work policy.
If working remotely, the employee will be required to support video teleconferencing when applicable, as well as attend teleconference meetings originating in other time zones, which may occur outside normal working hours. The employee will interface with remote employees, requiring reliance on email and phone communications, as well as the ability to maintain productivity while working autonomously.
Employment is contingent upon a successful background check and drug screen.
Equal Opportunity Employer; E-Verify Employer
This document describes the current position. It is not an employment contract. Our Company reserves the right to modify position duties or position descriptions at its discretion.