Report this Job
Role: SOC Analyst
Location: (Fremont, California)
Duration: 6+ Months
Interview: Phone + Skype
Job Description:
SUMMARY:
- The Role We are looking for a highly motivated security professional specializing in security monitoring, detection, and incident response to join the global security operations team to protect our information, infrastructure and products. It's fun to work in a company where employees BELIEVE in what they're doing! The Security Operations Center (SOC) is at the frontline of our multi layered defense and is responsible for detecting and responding to threats against our corporate, manufacturing and production environments. As a SOC Analyst, you will protect our company by acting as the primary line of defense by identifying, analyzing and remediating threats in our environment. You will be involved in investigating and responding to SIEM alerts and active attacks, user security related questions/reports, incident response (war room, remote bridges), and on-going maintenance, tuning, and improvements of the detection signals.
RESPONSIBILITIES:
First layer of defense - responsible for quick detection and incident response using various security monitoring and automation tools
Work with NOC, IT and various business units to triage and remediate detected security incidents and alerts
Conduct in-depth investigation of alerts. Perform analysis and correlation of network traffic, OS and application-level events
Signal and alert tuning (in collaboration with the Detection and Splunk teams).
Research and analyze the latest attacker techniques observed in the real world and recommend automatic and manual remediation actions
Create new and maintain existing security operation standards, procedures, playbooks
Analyze security events/logs and report on threats and incidents across various platforms and environments. Escalate complex cases to the Detection team and the system owners.
Assist with Threat Hunting activities during the active incidents Continuous tuning and improvement of the existing security signals, rules and alerts to improve detection and response time and reduce impact when an incident occurs
QUALIFICATIONS:
Experience performing security monitoring and incident response duties in a SOC environment
Ability to quickly triage multiple security incidents and assign the right priority based on risk and confidence levels
Good understanding of the common network security concepts including TCP/IP protocol stack, HTTP/HTTPS, TLS, WAF, VPN
Good understanding and real-life experience responding to the common types of attacks such as DDoS, credentials stuffing, phishing/spam, adware/malware, attacks against Windows/Active directory environments, attacks against public cloud infrastructure (AWS)
Security automation experience using tools such as Phantom or Demisto (SOAR, runbooks) is
Stellent IT LLC