Cyber - Senior SOC Analyst

The Crum & Forster Cyber & Information Security team is seeking a Senior Cybersecurity Analyst with the Threat Detection and Response team.  Reporting to the Threat Detection & Response Manager, this role will be responsible for partnering with our Managed Services SOC to ensure efficient and effective capabilities in identifying malicious activity, investigating escalated alerts to closure, and facilitating Incident Response duties.  You will work with a team of professional Security Analysts leveraging Next-Gen security tools to help detect and remediate cyber threats.

 §  Triage escalated Cyber alerts and coordination with internal stakeholders via ticketing.

§  Investigate email, host, and network-based cybersecurity threats.

§  Act as a point of contact for company employees reporting cybersecurity concerns.

§  Identify and recommend opportunities to refine detection capabilities and reduce False Positives.

§  Coordinate with various system and application owners to verify and remediate cyber threats.

§  Develop and implement Security Orchestration & Automation.

§  Develop, Update, and Publish Standard Operating Procedures.

§  Adhere to, update, and maintain Cybersecurity playbooks.

Requirements

§  Previous experience working in a Security Operations Center.

§  Understanding and maintaining familiarity with current Cyber Vulnerabilities & threats.

§  Experience investigating phishing and email related attacks.

§  Experience with Windows and Linux OS’s.

§  Fundamental understanding of system and network security principles and technology.

§  Fundamental understanding of Networking – TCP/IP and other protocols.

§  Ability to interface with a wide audience of technical and non-technical personnel.

§  Understanding of the Cyber Kill Chain and MITRE/ATT&CK Framework.

§  Ability to prioritize and manage workloads and deadlines on a tactical and project-oriented level.

§  Excellent written and verbal communication skills.

§  Self-starter who is motivated and driven to learn.

§  Bachelor’s degree in a technical discipline or equivalent experience. 

§  Experience with scripting automation in Python or other languages.

§  Process authoring experience.

§  Prior experience and/or certifications in AWS, Azure, and/or GCP.

§  Experience in SIEM, IDS/IPS, Firewalls, Anti-virus, Vulnerability Scanning.

§  Experience performing risk assessments, penetration testing and tabletop exercises.

§  Any Security focused Certifications.

§  3-5 year Cybersecurity related experience.

§  Technical document writing experience.