SOC Analyst II
United States - Remote
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security,
Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE!!
Position Overview
With a growing client base, Thrive is continuing to build out its security team. We are looking to hire a SOC Analyst II to take a role within our Security Operations Center, helping to continuously monitor and improve our customers' security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents using technology and well-defined processes and procedures. The ideal candidate will have a passion for information security and will value what a properly managed security monitoring solution can bring to our clients' needs.
Primary Responsibilities
- Process investigation requests from Tier 1 SOC Analysts who perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases
- Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform in-depth analysis of exploits
- Utilize threat intelligence to identify and investigate potential security threats
- Lead incident response and threat hunting efforts for confirmed security incidents and follow through until resolution
- Develop playbooks for incident response and incident management processes, including threat triage, incident investigation, and incident resolution
- Conduct regular reviews of playbooks to ensure they are current and effective
- Work with cross-functional teams to ensure that playbooks are aligned with the overall security strategy and goals
- Participate in tabletop exercises and drills to test and validate playbooks
- Monitor and evaluate security incidents to identify opportunities for improving playbooks
- Keep up-to-date with current security threats and trends to ensure that playbooks are relevant and effective
- Actively investigate the latest security vulnerabilities, advisories, incidents, and TTPs (tactics, techniques, and procedures) and work with the Security Engineering team to recommend use cases
- Proactively monitor, threat hunt, and respond to known and/or emerging threats
- Carry out Thrive’s information security strategy both internally and externally for 400+ clients in the northeast
- Analyze data from our SOC and SIEM and determine if further analysis is needed
- Work within Thrive’s security standards and best practices and recommend future enhancements
- Manage our clients’ security awareness training to help their end users be as safe as possible
- Stay abreast of security events and techniques to keep our clients protected
- Build awareness through training and education
Qualifications
- Has advanced knowledge of the following systems and technologies:
  - SIEM (Security Information and Event Management)
  - TCP/IP, computer networking, routing, and switching
  - IDS/IPS, penetration and vulnerability testing
  - Firewall and intrusion detection/prevention protocols
  - Windows, UNIX, and Linux operating systems
  - Network protocols and packet analysis tools
  - EDR, anti-virus, and anti-malware
  - Content filtering
  - Email and web gateway
- Demonstrates comprehension of good security practices
- Professional experience in a system administration role supporting multiple platforms and applications
- Ability to communicate network security issues to peers and management
Required Qualifications
- Computer Networking & Security
- Vulnerability Discovery and Analysis
- Operating System Internals
- Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.)
- Excellent Written and Verbal Communication Skills
Preferred Qualifications:
- Knowledge of common Windows and Linux/Unix system calls and APIs
- Understand Anti-Virus
- Knowledge of programming languages
- Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.)
Perks/benefits: Team events