75 applicants

Company

DTS · 4 hours ago

Security Operations Center Analyst

United States

Full-time

Remote

Mid Level

$68K/yr - $76K/yr

Maximize your interview chances

Business DevelopmentConsulting

No H1B

Security Clearance Required

Insider Connection @DTS

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Monitor network activity and alerts/incidents created and conducts initial incident response investigations using Security Incident and Event Management (SIEM) tools

Configures client environments with Defender Security Center, Microsoft Sentinel, log analytics workspace, data connectors, analytic rules, and logic apps

Gather relevant alert/incident information and closes as appropriate

Escalate security incidents to the appropriate team or individual

Review automated response activities for accuracy of information

Support SOC operations reporting through creation of evidence artifacts and biweekly reports

Leads continuous monitoring of security control efforts

Review and deploy analytic rules and queries to client environments

Update environment settings in response to threat intelligence and incidents observed

Develops custom KQL queries for review

Perform initial device remediation in relation to security incidents

Stay current on security trends, updates to related tools, and compliance frameworks

Test and implements security automation; Assist in configuring client environments and migration of devices

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CybersecurityMicrosoft 365Kusto Query Language (KQL)Microsoft SentinelDefender Security CenterAsanaSalesforce Lightning

Required

Bachelor’s Degree in Cybersecurity, Information Security, or related field

Knowledge of Microsoft 365 products

Problem Solving: Ability to approach security related problems from an analytical mindset.

Develop multiple solutions to a problem and realize the solution is not always a readily available answer. Apply automation techniques where it makes sense.

Decision Making: Position requires a significant amount of autonomy and decisiveness. You must be able to make informative decisions quickly, accurately, and with evidence to support your decision.

Multitasking: Position has responsibilities across multiple independent cloud environments, each with unique needs and concerns. You must be able to switch tasks rapidly and work on multiple concurrent responsibilities.

Communication: Excellent verbal and written communication skills, interpersonal, and teaching skills are required. This position interacts with clients on a regular basis and professional communication is a must. Position must be able to effectively communicate with users at all levels of technical knowledge and explain concepts in an easy-to-understand manner. Additionally, deliverables are to be professionally written and communicated in a concise manner, with a focus on the intended audience.

Following Instructions: Ability to follow verbal and written instructions and recreate results desired. Many process are standard and must be able to be duplicated.

Trends: Stay current on best practices, security trends, and attack techniques. Use knowledge gained to apply security controls and automation to environment to detect compromise and remediate vulnerabilities.

Management: Position has light management responsibilities. Must possess the ability to coach and train team members when necessary.

Preferred

Knowledge of Asana Project Management tool

Knowledge of Salesforce Lightening tool

Knowledge of Kusto Query Language (KQL), ability to write custom queries, and experience in the Azure, Stack and Microsoft portals such as Defender, Endpoint Manager, and Sentinel is preferred

Microsoft certifications preferred