Security Operations Center Analyst

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

In order to address the most critical needs of our clients, RSM established the Security and Privacy Services group, comprised of more than 170 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the United States and Canada dedicated to helping clients with preventing, detecting, responding and recovering to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise across the full suite of security and privacy capabilities including managing the daily activities associated with our clients’ security operations.

We are seeking individuals with an interest in working in the field of cybersecurity and a desire to help organizations improver their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all of these areas – IT operations, security monitoring, Active Directory, Cloud technologies.

At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts and a shift lead in support of multiple clients.

Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to:

• Investigate incidents using SIEM, automation and other technologies (i.e ServiceNow)
• Analyze, escalate, and assist in remediation of critical information security incidents
• Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment
• Setup and execution of vulnerability scans
• Perform initial analysis and investigation into alerts as they are seen
• Performing initial malware analysis utilizing automated means
• Incident intake, ticket updates and reporting of cyber events
• Understanding, identifying and researching indicators of compromise (IOCs)

Basic qualifications for an associate-level position include:

• Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience
• Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
• 0-2 years’ experience working in a security operations center or networking capacity
• Must have a naturally curious mindset and approach
• Proven troubleshooting skills
• Knowledge of Active Directory administration
• Understanding of cloud technologies
• Experience supporting various operating systems such as Windows/Linux
• Understanding of network protocols

Beneficial, but not required, qualifications for an associate-level position include:

• Security incident and event management (SIEM) tools such as Splunk, LogRhythm, Devo, etc.
• Common cloud platforms – Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform
• Security orchestration and automated response (SOAR) tools such as: Demisto, Phantom, Forescout, etc.
• Vulnerability tools such as: Kenna, Tenable, Qualys, etc.
• Threat intelligence tools such as Recorded Future and ThreatConnect
• Endpoint detection and response tools such as: CarbonBlack, Crowdstrike, etc.
• Microsoft Office 365
• Cloud access service brokers such as Netskope, ZScaler, McAfee, Forcepoi

At RSM, we offer a competitive benefits and compensation package for all our people.  We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients.  Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits   https://rsmus.com/careers/el-salvador.html. 

RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Salvadoran Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation.  

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.