Security Operation Center Analyst
About the Position
o Provide support to ServiceNow administrators and Directory Services on hardening ServiceNow service accounts of type REST service.
o Work with SOC Prime to operationalize MITRE ATT&CK and conduct threat hunting.
o Review vulnerabilities as directed by customer leadership
o Create custom lists and alerting rules in MTA Recorded Future portal.
o Review, validate, and follow up on Recorded Future alerts
o Assist TI lead in organizing TI activity Cyber Program Support
o Provide Guidance, Peer Review and Support to TI Team Cyber Program Support
o Incident investigation and threat research as directed by customer leadership
o Perform network security analysis and conduct Second Level incident response and event analysis based on established procedures.
o Monitor, identify, and investigate issues related to potential security breaches and security risks
o Coordinate IT security incident response process which includes coordinating the evaluation and response for actual or potential security events.
o Ability to work in an enterprise environment and function as a technical contributor among a large team of peers and subject matter experts.
o Technical expertise in systems administration of security tools (e.g. antivirus, patching, web content filtering, data loss prevention) combined with an understanding of security best-practices and procedures.
Behavioral skills desired:
o You have an ability to form relationships at various/multiple levels
o You are detailed and thoughtful in your work ethic
o You have very good written and verbal communication skills
Key technical skills the person should have:
o 2+ years of experience within a technical security role (i.e., network security, operating system security, Internet/web security, DLP, anti-malware, IDS/IPS, penetration & vulnerability testing), internet security.
o 2+ years network security
o 2+ years operating system security
o 2+ years Internet/web security