DeepSeas · 3 hours ago

SOC Analyst

San Diego, CA

Full-time

Remote

Mid Level

3+ years exp

Maximize your interview chances

Cloud SecurityCyber Security

Insider Connection @DeepSeas

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Provide monitoring support in a 24x7x365 environment.

Investigate SIEM and endpoint alerts within the SOAR platform for containment, notification, and remediation.

Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.

Determine tactics, techniques, and procedures for intrusion sets

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cyber Security OperationsSecurity Protection ToolsMicrosoft SentinelDefender for EndpointKQLMicrosoft Operating SystemsLinux Operating SystemsSOAR PlatformsMITRE ATT&CK FrameworkAdvanced Actor TTPs

Required

3-5 years cyber security operations experience

Experience with proprietary security protection/detection tools such as Firewalls, Host and Network IDS/IPS, Anti-Virus, EDR, URL Filtering Gateways, Email Filtering Gateways, DLP tools, SIEM tools, etc

Hands-on experience with Microsoft Sentinel, Defender for Endpoint, and KQL

Highly proficient in Microsoft and Linux operating systems

Experience working within one or more SOAR platforms

Familiarity with the MITRE ATT&CK framework

Working knowledge of advanced actor TTPs

Excellent written/verbal communication skills