Be an early applicantLess than 25 applicants

Company

Original Job Post

myGwork - LGBTQ+ Business Community · 2 days ago

Senior Security Operations Analyst

Atlanta, GA

Full-time

Onsite

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Internet

Insider Connection @myGwork - LGBTQ+ Business Community

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

In-depth security event analysis

Facilitate and oversee the execution of day-to-day directions given by CSOC Manager

Enhancing detection and alert maturity

Enhancing technical and administrative processes and procedures.

Providing blue team subject matter expertise to advise CSOC Leadership and mentor Analysts.

Document and communicate findings and after-action reports to the entire security team.

Review investigations and perform QA/QC.

Drive alert logic refinement through tuning and whitelisting.

Train and Mentor Associate and Mid-level Analysts

Preforming Tier 3 On Call rotations to include Weekends or Nights

Additional tasks and duties as directed by CSOC Manager

Incident coordination by assignment of Work Streams and creation of reports

Serve as the technical escalation point for the CSOC team.

Provide ad-hoc training to team members.

Perform CSOC maturity projects under the guidance of Cyber Operations Leadership

Partner with Security Engineering teams to enhance features and capabilities within current security tooling.

Create and update written policies and procedures.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Incident ResponseRoot Cause AnalysisTechnical ReportingLinuxIOSWindowsLog AnalysisSIEMDigital ForensicsCIRT/CSIRTExploitsVulnerabilitiesMalware AnalysisFirewallsIntrusion DetectionIntrusion PreventionProblem-SolvingCritical ThinkingCollaborationSecurity CertificationsCYSA+CISSPCFRCHFIGCIHGCFAGNFAPenTest+OSCP

Required

5-7 years of relevant experience or equivalent demonstrable knowledge & skill set.

Ability to think critically to solve problems with minimal guidance.

Ability to perform comprehensive Incident, root cause analysis and write technical reports.

The ability to conduct investigations on multiple operating systems such as Linux, iOS, and Windows.

Experience performing manual log analysis from a variety of host-based and network-based sources.

The ability to conduct security investigations without the assistance of pre-extracted data or pre-established queries across multiple platforms like a SIEM, OS CLI/Terminal, EDR tool, etc.

Familiarity with Digital Forensics and Incident Response (DFIR) concepts

Experience participating in CIRT/CSIRT investigations.

Knowledge of exploits, vulnerabilities, malware families and common attack vectors

Experience with firewalls, intrusion detection/prevention systems

Effective in collaborating with teams in remote offices and multiple cultures across the globe.