SOC Tier 3 Analyst

Tasks

• Analyze escalated cyber security events
• Coordinate with technicians to resolve confirmed incidents
• Develop SOC standard operating procedures and runbooks
• Distinguish benign activity from malicious events
• Escalate confirmed incidents to incident response lead
• Identify and troubleshoot cyber security incidents
• Ingest indicators of compromise into security tools
• Perform log analysis and correlation
• Proactively search logs network and system data for threats
• Quality proof security advisories and assessments
• Report recurring problems and recommend improvements
• Respond to technical assistance requests and resolve issues

Perks/Benefits

• N/A

Skills/Tech-stack

Access Control | Active Directory | Activity monitoring | Asset visibility | Bash | Cisco Firepower | Cisco Firepower Threat Defense | Cisco IOS | Content Filtering | Control Systems | Data Loss Prevention | Data loss | Database activity monitoring | Detection Systems | Email Content Filtering | Endpoint protection | Enterprise Security | Firepower Threat Defense | Firewalls | Forensic analysis | Incident Response | Indicators of compromise | Industrial Control Systems | Industrial control | Industrial network | Industrial network security | Intrusion Detection | Intrusion Prevention | Intrusion Prevention Systems | Intrusion detection systems | Log Analysis | Loss prevention | Netflow | Netflow analysis | Network Access | Network Access Control | Network Protocols | Network Security | Nozomi Networks | Operational Technology Security | Operational technology | PCAP Analysis | Packet Capture | Powershell | Prevention systems | Python | SCADA | SIEM | Secure Coding | Snort | Splunk Enterprise | Splunk Enterprise Security | TCPIP | Technology security | Threat Defense | Threat Intelligence | Threat hunting | Vulnerability scanning | Web Content | Web Content Filtering | Yara | Yara Rules