SOC Analyst

SOC Analyst

Department: Security Operations

Employment Type: Full Time

Location: Remote

Description

With 30 years of experience in cyber defense, DeepSeas is trusted by nearly 1,000 clients around the world, including Fortune 100 enterprises and mid-market organizations, higher education institutions, municipality and local governments, and federal agencies. Known for its programmatic approach to continuously transforming cyber defense programs, DeepSeas is recognized by Gartner as a top 40 provider of MDR and ranked as a top 5 MDR leader in the 2024 Frost Radar™: Global Managed Detection and Response (MDR) Market. In addition to its industry-leading MDR service, DeepSeas offers a full suite of advisory, compliance, and testing services to support clients on their cybersecurity transformation journeys, with an approach to cyber defense that prioritizes technical expertise, tradecraft, and continuous innovation to deliver unparalleled results.


Position Overview
We are seeking a motivated Cyber Security Operator to join our team, offering an exciting opportunity to enhance your expertise in incident investigations and containment. The ideal candidate is someone passionate about the cyber security industry with an analytic mindset and a solid understanding of cyber security tools. In this role, you will play a crucial part in impacting the services provided to our customers by detecting, investigating, and containing security incidents.


This position is well-suited for an individual eager to progress in their information security career within a dynamic, customer-service oriented environment. You will collaborate with other seasoned analysts and top-notch cyber-security engineers in our Security Operations Center (SOC).


Our Security Operations Center works on a 4x3 work week which may include early morning, evening or weekend shift hours, so flexibility is a key consideration.

Key Responsibilities

• Provide monitoring support in a 24x7x365 environment.
• Investigate SIEM and endpoint alerts within the SOAR platform for containment, notification, and remediation.
• Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
• Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
• Determine tactics, techniques, and procedures for intrusion sets

Skills Knowledge and Expertise

• 3-5 years cyber security operations  experience
• Experience with proprietary security protection/detection tools such as Firewalls, Host and Network IDS/IPS, Anti-Virus, EDR, URL Filtering Gateways, Email Filtering Gateways, DLP tools, SIEM tools, etc
• Hands-on experience with Microsoft Sentinel, Defender for Endpoint, and KQL
• Highly proficient in Microsoft and Linux operating systems
• Experience working within one or more SOAR platforms
• Familiarity with the MITRE ATT&CK framework
• Working knowledge of advanced actor TTPs
• Excellent written/verbal communication skills

Why DeepSeas?

At DeepSeas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t DeepSeas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are: 

• We are client obsessed.  
• We stand in solidarity with our teammates. 
• We prioritize personal health and well-being. 
• We believe in the power of diversity. 
• We solve hard problems at the speed of cyber. 

This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and let’s talk!