Level I SOC (Security Operations Center) Analyst (Hybrid remote/on-site) - Contract
- Location: Ann Arbor, MI 48106
Title: Level I SOC (Security Operations Center) Analyst
Who We Are:
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nationwide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are used exclusively due to our outstanding staffing track record.
Conexess is a full-service staffing firm offering contract, contract-to-hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.
This position performs accurate and precise real-time analysis and correlation of logs/alerts from a multitude of users, devices and other elements, with a focus on determining whether those events constitute security incidents. The analyst analyzes and assesses security incidents and escalates to stakeholders or the appropriate internal teams for additional assistance, and manages all interactions with users, stakeholders, franchisees, customers, and vendors in a professional manner, with an emphasis on delivering quality and effective services.
The SOC Analyst manages and monitors events from internal security devices and authentication services associated with our client’s security controls. The SOC Analyst will possess technical analytical skills while providing accurate analysis of security-related problems. They have a well-rounded networking background and are responsible for performing extensive troubleshooting of security issues in the fast-paced SOC. This individual is user focused and works to resolve SOC needs in a timely manner. These needs may involve resolving hardware/software failures, investigating and responding to security threats, and making change requests to the security policy of company devices.
- The SOC Analyst must be willing and able to work outside normal business hours to include night and/or weekend on-call rotation. Coordinates with other Information Technology areas to resolve problems, as necessary.
- Provide technical support during the assigned shift (available shifts: 6:00 AM to 6:00 PM or 6:00 PM to 6:00 AM), according to the processes and procedures defined by our client. This involves handling events such as identifying user security issues, extensive troubleshooting, and coordinating resolution or restoration using a variety of applications and testing tools. The events can include hardware/software failures as well as security breaches, threats, or network connectivity issues. Regularly provide high-level proactive technical support, including security configurations, security policy modification recommendations, and diagnostics of remote network security issues.
- Professionally and courteously answer inbound security-related calls and provide users with the best possible customer service and experience, create tickets, fill out necessary checklist paperwork, generate trouble tickets for all work and informational requests, handle security-related user complaints, and escalate according to established procedures.
- Handle incidents and the requests and questions of users, stakeholders, franchisees and customers received via phone, e-mail, or the internal ticketing system in a timely and detail-oriented manner in order to resolve a multitude of information security related incidents. Interact with, configure, and troubleshoot the SIEM platform, endpoint systems and other related systems via proprietary and commercial consoles. Meet service level agreements regarding response time and client notification.
- Ensure that the company is implementing best-practice security policies that address business needs while protecting vital corporate assets. The individual must be able to perform routine duties with minimal supervision; must demonstrate the ability to solve practical problems and deal with a variety of concrete variables in situations where limited standardization exists; interpret written and oral instructions, diagrams, or schedule formats; and be able to handle multiple tasks simultaneously.
- Demonstrate excellent communication and service skills by documenting all analysis work and communications within a ticketing system. Meet service level agreements regarding response time and proper notification. Remotely manage devices and security systems to correct problems. Manage, participate in, or directly work on any additional projects, assignments, or initiatives assigned by management. Utilize internal guidelines in order to properly handle service requests and questions.
- The SOC Analyst needs the ability to learn new technology and concepts quickly.
- Minimum of 2 years of relevant experience or equivalent combination of education and work experience:
- Completion of a Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics.
- Completion of an Associate’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics and 1 year of work experience in the field.
- Significant theoretical and practical knowledge in the following areas:
- Operating Systems: Windows, Unix, Linux, etc.
- Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
- Exploits, vulnerabilities, network attacks
- Packet analysis tools optional but desirable (tcpdump, Wireshark, ngrep, nmap, etc.)
- Regular expressions optional but desirable
- Basic understanding of Windows or Linux operating systems including:
- Managing processes
- Active Directory
- Obtaining system statistics such as CPU, memory, disk, and network interface utilization from the command line
- Identifying potential problems from system logs
- Excellent problem-solving skills that allow the ability to diagnose and troubleshoot technical issues. Service-oriented with a strong interest in end-user satisfaction.
- Excellent written and verbal communication skills; time management and organizational skills.
- Rudimentary understanding of intrusion detection/prevention, firewall operations, and other general security practices. Solid understanding of computer network fundamentals including Address Resolution Protocol (ARP), routing, network address translation (NAT), virtual private networks (VPNs), and the OSI model.
- Knowledge of and experience with PCs, LAN topologies, routers, hubs, VPN technology and terminal servers. Knowledge of security applications such as IDS, security event management and anomaly detection tools.
- Ability to read and interpret network diagrams, and to read and understand packet captures (desirable).