Description:
• Cybersecurity Analyst - SOC Analyst to join the CTAC team to perform real-time cybersecurity monitoring and triage of security alerts, along with investigation and response to security incidents.
Job Summary:
• The role will provide first line of defense to detect and respond to internal or external cyber threats, leveraging a variety of security tools and techniques, and working with teams both inside and outside of security.
Key Responsibilities:
• Monitor customer security tools and platforms in real-time to identify anomalous activity
• Collect and analyze artifacts from electronic devices and technology platforms using forensic tools and techniques
• Coordinate response to incidents including scoping and root cause analysis, enacting containment measures, and identifying and coordinating remediation efforts
• Identify and propose areas for operational improvement within the SOC
• Provide feedback on security control capability gaps based on security intrusion trends
• Develop and maintain analytical procedures to improve security incident identification efficiency
• Triage and validate alerts based on established thresholds and criteria
• Support major incident response activities, as needed
• Adhere to approved SOC documentation e.g., processes and procedures
• Assist in developing, coordinating, and implementing SOC documentation
• Provide input to SOC operation metrics and reports
• Provide input to SOC shift change reports to maintain continuity of operations
To qualify for the role, you must have:
• Completed technical higher education in the field of computer science or related field
• Minimum of 2-3 years of professional experience in operating, managing, designing, implementing, maintaining, or supporting cybersecurity technology
• Minimum of 2-3 years of professional experience in SOC operations and/or incident response
• Possession of certificates or education related to cybersecurity, information technology, or engineering
• Possession of cybersecurity certifications e.g., , GCIH, GMON, GSOC
• Understanding of technologies and solutions utilized in cybersecurity and networks (SIEM, SOAR, Firewalls, IAM, IDS/IPS, End Point Protection, Threat Management/Intelligence.)
• Strong understanding of intrusion detection concepts and information security defense
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Experience in collection and analysis of windows, network, and malware artifacts
• Experience in collection and analysis of Office365, DLP, and Splunk
• Experience in SOC documentation development
• Understanding of Incident Response analysis skills e.g., SURGE Collect
• Forensic artifact examination with Volatility
• Proven experience with multiple security event detection platforms
• Thorough understanding of TCP/IP
• Understanding of basic IDS / IPS rules to identify and/or prevent malicious activity
• Full professional proficiency in English, especially in technical writing and oral communication skills
• Demonstrated integrity in a professional environment
VIVA is an equal opportunity employer. All qualified applicants have an equal opportunity for placement, and all employees have an equal opportunity to develop on the job. This means that VIVA will not discriminate against any employee or qualified applicant on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status