Senior SOC Analyst
Sunrise Systems, Phoenix, AZ, United States
Senior SOC Analyst
Phoenix, AZ 85007
Position is 100% onsite
Shifts would either be Tuesday-Saturday 12pm-9pm (Saturday hours are flexible) or Sunday-Thursday (Sunday hours are flexible) 12pm-9pm
Please make an application promptly if you are a good match for this role due to high levels of interest.
Conducts daily traffic analysis, identifies and characterizes anomalous activity Performs in-depth system and network forensics to identify and eradicate threats.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Generates incident reports, investigates suspicious network and system activity
Perform cyber defense trend analysis and reporting.
Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
Reconstruct a malicious attack or activity based off network traffic.
Proactively identifies threats to the enterprise, initiates the distribution of enterprise wide alerts
Coordinate with enterprise-wide cyber defense staff to validate network alerts.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
Monitors software patches, security fixes, and tests and validates modified systems
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Recommend computing environment vulnerability corrections.
Processes, documents, and coordinates resolution of cyber incidents with appropriate teams
Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
Required:
-
A solid, end-to-end understanding of Information technology systems, especially as they apply to security.
- Ability to successfully triage security detections and alerts from any source (network, endpoint, audit logs, identity, etc..), perform incident response and support incident management.
- Ability to work under pressure, prioritize issues, and maintain sufficient attention to ensure an appropriate response to cyber alerts and incidents.
-
Must have professional engagement and customer service skills to positively support stakeholder institutions and partners statewide. xywuqvp
- Fast learner; ability to work and solve problems creatively
- Two years of experience in a security operations environment, or related work and demonstrated interest in security operations.
Phoenix, AZ 85007
Position is 100% onsite
Shifts would either be Tuesday-Saturday 12pm-9pm (Saturday hours are flexible) or Sunday-Thursday (Sunday hours are flexible) 12pm-9pm
Please make an application promptly if you are a good match for this role due to high levels of interest.
Conducts daily traffic analysis, identifies and characterizes anomalous activity Performs in-depth system and network forensics to identify and eradicate threats.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Generates incident reports, investigates suspicious network and system activity
Perform cyber defense trend analysis and reporting.
Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
Reconstruct a malicious attack or activity based off network traffic.
Proactively identifies threats to the enterprise, initiates the distribution of enterprise wide alerts
Coordinate with enterprise-wide cyber defense staff to validate network alerts.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
Monitors software patches, security fixes, and tests and validates modified systems
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
Recommend computing environment vulnerability corrections.
Processes, documents, and coordinates resolution of cyber incidents with appropriate teams
Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
Required:
-
A solid, end-to-end understanding of Information technology systems, especially as they apply to security.
- Ability to successfully triage security detections and alerts from any source (network, endpoint, audit logs, identity, etc..), perform incident response and support incident management.
- Ability to work under pressure, prioritize issues, and maintain sufficient attention to ensure an appropriate response to cyber alerts and incidents.
-
Must have professional engagement and customer service skills to positively support stakeholder institutions and partners statewide. xywuqvp
- Fast learner; ability to work and solve problems creatively
- Two years of experience in a security operations environment, or related work and demonstrated interest in security operations.