27 Jul
Lead SOC Analyst
Vacancy expired!
- Must be an expert in LogRhythm.
- Advanced monitoring of the day-to-day operation of Security Information and Event Management (SIEM), Network Anomaly Detection and other security control tools. Provides input into the daily SOC security report.
- Works as a Tier-2 advanced support person on alerts assigned to the Eagle Bank Security Team by our outsourced Tier-1 24x7 managed SIEM monitoring provider, and on tickets sent directly to the security helpdesk.
- Ensures effective network monitoring, log management and log analysis from a variety of network sensors to investigate suspect network activity.
- Interprets raw network traffic (e.g. packet captures) and determines whether activity is legitimate.
- Supervises the daily activities of junior SOC Analysts; is responsible for their performance and contributes to employment decisions and training.
- Assists in operating all technical security systems and their corresponding user/analyst interfaces, including web proxy filtering systems, host- and client-based firewalls, intrusion detection/prevention systems, endpoint security systems, and anti-malware and anti-virus software, to monitor network activity.
- Conducts investigations and malware analysis, and prepares comprehensive reports, with timely escalations to Network or Security Engineering for review.
- Remains informed on trends and issues in the security industry, including current and emerging technologies.
- Bachelor's degree in Computer Science, Information Systems, Information Technology or related focused technical training, or, in lieu of a degree, 4 additional years of engineering and project management experience.
- 6 years of related experience in Information Security, with at least 4 years of Security Engineering or Security Administration preferred.
- Familiarity with security tools (Vulnerability Management, SIEM, Endpoint Security, Web proxies, etc.)
- Supervisory or Leadership experience
- Knowledge of TCP/IP networking: networking topology, protocols and services.
- Advanced Knowledge of Microsoft and Linux operating systems.
- Knowledge of SIEMs such as LogRhythm, QRadar, Splunk, etc.; NDR such as Darktrace, ExtraHop, Vectra, etc.
- Knowledge of SOC tools such as VirusTotal, various sandboxes and various malware analysis tools.
- Experience working on alerts from systems, firewalls (Palo Alto, Fortinet), IDS/IPS, VPNs, WAFs, etc.
- Good working knowledge of Microsoft Office applications and other software applications as required.
- Broad knowledge of computer networking technology.