Security Operations Center; SOC Analyst

Security Operations Center (SOC) Analyst

Washington, District of Columbia, United States

Job Description:We are seeking a skilled and detail-oriented Security Operations Center (SOC) Analyst to join our team. As a SOC Analyst, you will be responsible for monitoring, analyzing, and responding to security incidents and threats within our organization. You will work closely with the SOC team to identify and mitigate security vulnerabilities, ensure the integrity of our systems, and maintain the overall security posture of the company.

Your expertise in security monitoring, incident response, and threat intelligence will be critical in protecting our infrastructure and sensitive data.

Responsibilities:

• Monitor security events and alerts from various security information and event management (SIEM) tools, intrusion detection systems (IDS), and other security monitoring platforms.
• Analyze security incidents, conduct investigations, and respond to security breaches or anomalies.
• Perform triage on security alerts, determining their severity and potential impact, and elevate as necessary.
• Conduct threat hunting and analysis, identifying potential indicators of compromise (IOCs) and emerging threats.
• Collaborate with cross-functional teams to develop and implement incident response plans and playbooks.
• Perform vulnerability assessments, penetration testing, and security assessments of systems and networks.
• Develop and maintain security incident reports, documentation, and standard operating procedures (SOPs).
• Stay up to date with the latest security threats, vulnerabilities, and attack vectors, and provide recommendations for risk mitigation.
• Participate in security incident simulations and tabletop exercises to test incident response capabilities.
• Assist in the implementation and maintenance of security controls, including firewall rules, access controls, and intrusion prevention systems (IPS).
• Monitor and analyze logs and network traffic for suspicious activities or policy violations.
• Provide recommendations for enhancing security tools, processes, and technologies.
• Collaborate with the security team to ensure compliance with relevant regulations and security standards.
• Conduct security awareness training and workshops for employees on security best practices.

Requirements:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Proven experience as a SOC Analyst or a similar role, with hands-on experience in security monitoring and incident response.
• Familiarity with security information and event management (SIEM) tools, intrusion detection systems (IDS), and other security monitoring platforms.
• Strong understanding of networking protocols, security protocols, and network security architecture.
• Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors.
• Experience with security incident response methodologies, including containment, eradication, and recovery.
• Familiarity with security compliance frameworks and regulations such as ISO 27001, NIST, GDPR, or HIPAA.
• Strong problem-solving and analytical skills, with the ability to analyze security incidents and determine appropriate actions.
• Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), CompTIA Security+, or Certified Ethical Hacker (CEH) are highly desirable.
• Experience with scripting languages (e.g., Python, Power Shell) and security automation is a plus.
• Knowledge of cloud security and experience in monitoring cloud-based environments (e.g., AWS, Azure) is an advantage.

Preferred Qualifications:

• Experience with incident response tools and playbooks, as well as security orchestration, automation, and response (SOAR) platforms.
• Familiarity with endpoint detection and response (EDR) tools and technologies.
• Understanding of threat intelligence platforms and their role in proactive threat hunting.
• Experience in conducting vulnerability assessments and penetration testing.
• Knowledge of regulatory requirements specific to the industry (e.g., PCI DSS, HIPAA) and experience in maintaining compliance.
• Continuous learning and willingness to stay up to date with emerging security trends and technologies.