Full-time
On-site
United States
SOC Analyst

Overview

This role provides support to One Source Communications Managed Security Services clients. The Security Analyst should have an affinity for Cyber Security and a broad knowledge of managed security practices, processes, and tools. The Security Analyst should also have a thirst for knowledge and an ability to tackle new problems quickly, using available research tools to remedy issues successfully with little supervision. This role works within the Security Operations team, supporting Managed Security customers' ticket triage, investigation, and resolution.

Responsibilities

    • Keep information regarding our clients, their data, and other sensitive information confidential 
    • Provide remote and on-site security and incident response support to a growing list of clients 
    • Triage security alerts and events to quickly determine scope, impact, and risk 
    • Investigate security alerts and events to correlate related events into incidents 
    • Based on research and threat intelligence sources, make practical and actionable recommendations to customers on next steps for alerts and events 
    • Proactively hunt for security exposures and threats in a customer’s environment 
    • Assist in new security customer onboarding and setup 
    • Update knowledge base to provide continuity among other company personnel 
    • Communicate ticket status and document updates to clients and technical staff as needed 
    • Provide first level after hours and holiday on-call support on a revolving basis with other staff 
    • Regularly scheduled for off-shift work (evening or overnight) in a 4x10 or 3/4x12 model 
    • Interact with clients and vendors over the phone and in person in a professional manner 
    • Provide security tool tuning recommendations and feedback to the Security Engineering team 
    • Respond to and manage internal security incidents as reported to the Security Operations Center  
    • Data and system use must comply with One Source information security policies and standards.  
    • Unauthorized access to data and/or systems is prohibited.  

Qualifications

Required Skills / Abilities: 

  • Firm understanding of Cyber Security fundamentals 
  • Good verbal and written communication skills for daily interactions with customers 
  • Strong knowledge of security concepts such as ACLs, Sysmon, AV, APT, IDS, IPS, EDR, DLP, SIEM, MITRE ATT&CK framework, Incident response, and Threat hunting 
  • Strong knowledge of endpoint security solutions 
  • Knowledge of and experience with email security solutions 
  • Experience with networking, including routing/switching/firewall/IPS/IDS 
  • Preference for familiarity with the following tools: FireEye, Cofense, KnowBe4, Proofpoint, ELK, DarkTrace, Firemon, Crowdstrike, Acronis, Cisco, Cisco Meraki 

Education / Experience: 

  • Bachelor’s Degree, or High School Diploma and additional industry experience 
  • 2-4 years of experience in a Cyber Security role with responsibility for investigation of security incidents or incident remediation 
  • Preference for direct experience in a Cyber Security Analyst role or appropriate industry certifications.  

Updated: 7/15/2024