SOC Analyst II
Irvine, CA

Job Description

Requisition ID: 146952

Job Category: IT

Location: United States-California-Irvine-5 Park Plaza Suite 1100 Irvine 92614

Posted Date: 6/7/2019 11:53:33 AM

Sr. Analyst, Security Operations II

SUMMARY STATEMENT

The primary purpose of the job is to act as the shift lead for monitoring the networks and applications and detect security threats, respond to security incidents, tune security detection systems, and triage security requests from the business.

MAJOR DUTIES / KEY RESPONSIBILITIES

1. Act as the lead coordinator to individual information security incidents and as the point of escalation for Level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.

2. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Center.

3. Document incidents from initial detection through final resolution and directs remediation and recovery efforts with CSIRT.

4.Monitors the health of security sensors and SIEM infrastructure. Coordinate with IT teams on escalations, tracking, performance issues, and outages.

5. Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats

6. Creates, delivers, and reviews security reports

7. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.

8. Staying up-to-date with emerging security threats

QUALIFICATIONS:

EDUCATION:

* High School Diploma or GED / Bachelor's Degree or equivalent work experience.Computer Science, Computer Engineering, MIS, or related field (Required)
* Licenses or certifications: CISSP, Security+, GSEC (Preffered)

EXPERIENCE:

Required experience:

Years: 3 - 5 years

Details:

* Security operations experience
* Anti-Malware tools
* Security Incident Handling
* IT support experience
* SIEM Experience IBM QRadar(preferable), LogRhythm, Splunk
* Intrusion Detection / Protection Systems

Preferred Experience:

Years: 3 - 5 years

Details:

* Scripting / Coding - Python
* Shift leader experience

Additional details: • Collaborative and team focused

* Ability to prioritize tasks
* Ability to work independently and in a team environment