Cyber SOC Analyst

Cyber Defense Labs is a full life-cycle information security service provider helping companies manage, detect and respond to today’s cyber risks. We provide trusted cyber risk management services to help companies reduce business risk before, during and after a cyber event.

Cyber SOC Analyst - Security Systems

Job Summary:

As a Cyber Defense Labs Cyber Security Analyst, your role on the team will include leveraging your knowledge of industry best practices, good judgment and problem-solving skills to execute security operations. Being on the front lines of defense, the Cyber Security Analyst is adept at making good decisions under pressure and able to quickly adapt to any security challenge. This individual also pays attention to detail and is disciplined in documenting process and procedures. The Cyber Security Analyst will also be responsible for all requests coming into the department making sure departmental SLAs are met. The Cyber Security Analyst’s motto is operational excellence, continual process improvement and customer service. 

Primary Duties & Responsibilities:

• • You will be working on all phases of the detection, investigation and resolution of cyber security events flagged by the various detection systems in use at CDL.
  • You will also work closely with other members of the Cyber SOC team to run investigations into the root cause of security events, escalating to the Technical Security, vulnerability and problem-management teams where necessary.
  • You will work with various internal and external Cyber SOC-related stakeholders to make sure that our customers security posture is always being strengthened as we work to continually improve security configurations, practices and processes.
  • You will follow document security process and procedures.
  • Support service request in-take process and communicate back to requestors promptly
  • Other duties and responsibilities as assigned
  • This position will sit in the 24/7 Cyber Defense Center and will involve shift work including day, evening and weekend roles.

Minimum Qualifications:

• • Candidate must possess 1 year of professional Security Operations work or be in pursuit of a college degree in Computer Information Systems, Computer Science, or a related field and/or have IT Security certifications such as Network+, Security+.
  • Passion and enthusiasm for Cyber Security.
  • Knowledge of basic Cybersecurity concepts
  • Experience with solving problems
  • Basic understanding of log analysis
  • Basic understanding of TCP/IP and other network protocols
  • Excellent team-working skills, and a "can do, let's get it done" attitude is crucial.
  • A desire to keep learning, extending your skills and pushing the boundaries of your knowledge.
  • Excellent verbal and written communication skills

Preferred Qualifications:

• • Experience with SIEM technologies (AlienVault, QRadar, Splunk, LogRhythm, etc.
  • Ability to write and understand scripts in languages such as Python, Ruby, Bash, etc.
  • Event Detection tools (e.g. FireEye, Palo Alto, Fortinet, Carbon Black, Cylance)
  • IDS/IPS (e.g. TippingPoint, Sourcefire, Snort, Suricata)
  • Firewalls (e.g. PaloAlto, Cisco, Fortinet, Checkpoint)
  • Knowledge of both Windows and Linux
  • Security related certifications, for example GCIH, CEH, OSCP

Education and/or Experience:

• • College Degree in Cyber Security or Information Technology or equivalent work experience.
  • Certifications like Network+, Security+