The Security Analyst role is part of the SOC. Candidates in this role will respond to events according to documented procedures and industry best practices. Ideal candidates should be experienced in networking, client/server technologies, and log file analysis, with the ability to distinguish false positive from true positive events. Candidates must have experience with Linux and Windows operating systems. Candidates in this role may also be required to follow the incident response plan. Candidates must display enthusiasm for and interest in Information Security.
• Accept escalations from Monitoring and provide initial investigation of security incidents
• Apply contextual data (criticality, device grouping, existing vulnerabilities)
• Provide communication and escalation throughout the incident per the Security Incident
• Provide feedback to the Threat Monitoring team
• Perform analysis of log files for security incidents
• Take an active part in the containment of incidents, even after they are escalated