Associate 1 - SOC Analyst
IND-TG-Hyderabad-iSprout Business Centre Private Limited
RSM
RSM US LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market.We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas – IT operations, security monitoring, active directory, IP networking and various cloud technologies.
Position and Key Responsibilities
At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to:
Role Responsibilities:
- Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, sentinel One, ELK Stack, Virus total, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox)
- Analyze, escalate, and assist in remediation of critical security incidents.
- Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients
- Process IDS alerts and identifying incidents and events in customer data.
- Setup and execution and analysis of vulnerability scans
- Perform advanced analysis and investigation into alerts as they are identified
- Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools)
- Incident intake, ticket updates and reporting of cyber events and threat intelligence
- Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds
- Writing incident reports, process documentation, and interact with clients as required
- Transcribe and implement atomic indicators into a monitoring environment.
- Consume policy documentation and determine applicability in a network.
- Work with protocols at layers 2 and higher in the OSI model, to include ARP TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports.
- Develops the playbooks to respond and recovery from various attacks/incidents.
- Drives the automation efforts focused on the closing cases, responding to Cyber events and analyzing data required to enable efficient response activities.
- Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms drive issue prioritization.
- Open to working shifts in a 24x7 operations environment.
Qualifications and Experience:
- Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience.
- Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
- 3-5 years’ experience working in a security operations center, networking operations center or threat intelligence capacity.
- Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA)
- Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST
- Must have a naturally curious mindset and approach to solving problems.
- Basic understanding of cloud technologies and their operations
- Experience supporting various operating systems such as Windows/Linux
- Understanding of IP network protocols
- Motivated self-starter with strong written and verbal communication skills
- Strong analytical and troubleshooting skills.
- A self-starter mindset
You want your next step to be the right one. You’ve worked hard to get where you are today. And now you’re ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you’ll move quickly along the learning curve and our clients will benefit from your fresh perspective.
Experience RSM. Experience the power of being understood.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Agile Automation CISSP Cloud Compliance Computer Science DNS ELK GCIA GIAC IDS Linux Malware Monitoring NIST OWASP SANS SHODAN SIEM SMTP SOC SOC 2 SOC 3 SSH Threat intelligence Vulnerability scans Windows
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs