RSM US LLP · 11 hours ago

Security Operations Center Analyst

RSM US LLP is a leading provider of professional services to the middle market globally, dedicated to instilling confidence in a world of change. The Security Operations Center Analyst will work within the Cyber Risk and Data Protection group, focusing on investigating security incidents and improving security operations for a diverse client base.

Industries: Accounting, Consulting, Financial Services

Growth Opportunities
No H1B sponsorship

Responsibilities

Investigate security incidents using SIEM tools, automation and other cybersecurity technologies (e.g. ServiceNow, Stellar Cyber, SentinelOne, Microsoft Defender for Endpoint, ELK Stack, VirusTotal, Passive DNS)
Analyze, escalate, and assist in remediation of critical information security incidents
Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment
Process IDS alerts and identify incidents and events in customer data
Set up and execute vulnerability scans (Tenable/Nessus)
Read and interpret outputs from vulnerability scans
Perform initial analysis and investigation into alerts as they are seen
Perform initial basic malware analysis using automated means (static and dynamic sandbox analysis or other available tools)
Handle incident intake, ticket updates and reporting of cyber events and threat intelligence
Understand, identify and research indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds
Write incident reports and process documentation, and interact with customers if needed
Transcribe and implement atomic indicators into a monitoring environment
Consume policy documentation and determine its applicability in a network
Work with protocols at layers 2 and higher in the OSI model, including ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports
Open to working shifts in a 24x7 operations environment

Qualification

SIEM tools, Active Directory, Cloud technologies, Vulnerability scans, Network protocols, Windows/Linux, Analytical skills, Troubleshooting skills, Written communication, Verbal communication

Required

Minimum A.S. or A.A.S. degree or equivalent from an accredited university by the time employment commences, or prior relevant military / law enforcement experience
Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
0-2 years' experience working in a security operations center or networking operations center capacity
Must have a naturally curious mindset and approach to solving problems
Basic understanding of cloud technologies and operations
Experience supporting various operating systems such as Windows/Linux
Understanding of network protocols
Motivated self-starter with strong written and verbal communication skills
Strong analytical and troubleshooting skills

Preferred

Security information and event management (SIEM/data) tools such as Splunk, LogRhythm, Devo and Elasticsearch
Common cloud platforms: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform
Security orchestration and automated response (SOAR) tools such as Shuffle SOAR and other open-source security tools
Vulnerability tools such as Kenna, Tenable and Qualys
Threat intelligence tools such as Recorded Future and MISP
Endpoint/HIDS detection and response tools such as Carbon Black, CrowdStrike and Wazuh
Cloud access security brokers such as Netskope, Zscaler, McAfee and Forcepoint
Technical understanding of core current cybersecurity technologies and threats as well as emerging capabilities
Hands-on cybersecurity experience within a Computer Incident Response organization
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)

Benefits

Flexibility in your schedule
Total rewards at https://rsmus.com/careers/working-at-rsm/benefits

Company

RSM US LLP


Funding

Current Stage: Late Stage

Leadership Team

Bill Kracunas, Principal and National Leader, Strategy and Management Consulting
David Hickethier, Principal, Strategy & Human-Centered Design

Company data provided by Crunchbase