Job for Security Operations Center - Senior Threat Analyst

1 Open Positions | Logo Urgent

Brookyln , NY
Estimated Best In Industry
24 Months
Posted on: 05/20/2024
Job Description:

Candidate must be willing to workdays, nights and/or weekends depending on coverage or critical incident response needs.
Shift Schedule: Night shifts will typically occur between the hours of 6:00 PM and 6:00 AM. The night SOC analyst position will include weekend shifts.

 

  • Perform many critical functions within the Threat Management discipline including staffing 24x7x365 coverage at the City's Security Operations Center (SOC) augmenting FTE shift schedules including days, nights, weekends, and holidays.
  • Interface with OTI Cyber Command teams internally, with City agencies, vendors, and information-sharing partners.
  • Monitor City networks and security alerts for intrusion, attempted compromise, and anomalous behaviour.
  • Apply mitigation techniques or escalation factors; correlate threat intelligence across various logs collected by established security controls.
  • Produce routine SOC metrics & reporting.
  • Maintain situation reports (SITREPS)
  • Perform weekly quality control checks.
  • Works closely with SOC Director on incident preparation including the continuous development of new SOC playbooks and runbooks.

Requirements:

  • Minimum 8 years of experience in Threat Management/SOC/Incident Response environment.
  • Ability to lead and mentor junior analysts, coordinate team activities, and manage SOC operations effectively.
  • Prior experience working in a SOC environment is mandatory. This includes familiarity with SOC operations, procedures, and tools such as SIEM (Security Information and Event Management) systems, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) tools.
  • Knowledge of cybersecurity principles, practices, and procedures
  • Strong understanding of network and host technologies
  • Experience applying techniques for detecting host and network-based intrusion using IDS methods and technologies.
  • Experience with SIEM technologies, malware analysis and mitigation techniques
  • Apply cybersecurity and privacy principles to organizational requirements (confidentiality, integrity, availability, authentication, non-repudiation)
  • Interpret information collected by diagnostic network tools (Netflow, security event logs, IDS systems, etc.)
  • Ability to investigate and solve complex problems.
  • Excellent communication skills are crucial for effectively communicating security incidents, risks, and recommendations to technical and non-technical stakeholders, including SOC Director and senior management.
  • Threat Hunting: Proactive threat hunting capabilities to identify and investigate potential security threats or anomalies within the environment before they escalate into incidents.

Copyright @2024 RighTalents. All Rights Reserved by RightTalents LLC | Developed by devGroves Technologies