Security Analyst - SOC

Company Profile

Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.

Job Description

• Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience.
• Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents.
• Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals.
• Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations.
• Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware
• Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats.
• Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities.
• Shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities.
• Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.Flexible to Provide support to 24/7 L1 Monitoring shift members.
•  

Qualifications

• Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts.
• Good knowledge of SIEM architecture.
• Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange.
• Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities.
• ITIL tool experience, particularly with Service-Now.
• Exposure to firewall and WAF log analysis.
• Strong knowledge of security SOP creation and maintenance.
• Basic knowledge of file integrity monitoring.
• Understanding of security compliance frameworks such as PCI and NIST.
• Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus.
• Experience with cloud security monitoring, including AD risky detections and Defender for Cloud.
• Excellent communication and presentation skills.
• Commitment to continuous learning and professional development.
• Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.