The Intermediate Level Security Operations Center (SOC) analyst responsibilities include monitoring for security risks and acting upon information according to pre-defined procedures and thresholds. Daily responsibilities include monitoring of risks and acting upon information according to pre-defined use cases, custom developed use cases and pattern analysis. Analyst actions include advanced problem solving and issue remediation, as approved by the SOC Leadership Team.
The analyst will apply analytical thinking and develop trends and patterns relevant to their daily work, to be reviewed by the SOC Leadership Team.
The analyst may be required to participate in supporting activities requested by the SOC Leadership Team during business disruptions and escalations.
Primary responsibilities will include but are not limited to daily monitoring of NSM solutions, performing initial triage of security events, and following established escalation procedures to engage appropriate parties as required.
In addition, the Intermediate Level SOC Analyst will serve as the primary point of escalation for Entry Level analysts; in that function the analyst will support Entry Level operations, engaging Senior Level analysts and other support elements as required, and will provide updates of SOC activities to the CTC team.
The candidate must have analytic and strong communication skills, be able to interpret diverse information security related elements, and be capable of determining appropriate points of engagement and escalation.
Regularly check the work queue for incoming work assignments and complete all work daily
Respond to work queue items using pre-defined operational procedures
Execute daily predefined and custom use cases
Use the ticketing system to document all work steps taken
Periodically analyze trends and patterns for work assigned
Responsible for on-call support of the SOC's 24/7 operations
Triage with other SOC Analysts and the SOC Leadership Team to discuss operational issues, trends, and patterns
Work with other SOC Analysts, or other members of Security, to respond to and/or hand off tickets
Escalate to the SOC Leadership Team when a ticket exceeds the defined time to respond, or when the SOC Analyst believes a risk needs further attention or oversight
Competencies / Skills required to be successful in role
Intermediate knowledge of tools used for network security (DLP, NIPS, HIPS, AV, firewalls, etc.)
Intermediate - Strong understanding of network protocols
Intermediate - Strong knowledge of *nix and Windows operating system functionality
Strong analytical, documentation, and communication skills are a must
Experience developing intelligence reports, a plus
Experience in in-depth evaluation of disparate data sources (trends and reporting), a plus
Intermediate - Strong experience in malware analysis or exploit development
Experience reversing malware, a plus
Experience creating Indicators of Compromise (IOCs) from malware analysis for integration into operations
Ability to communicate with both security leaders and technical analysts in a timely and concise manner
Experience with Splunk or other SIEMs
Bachelor’s degree in a technical field or equivalent experience
3+ years’ general Information Security experience
2+ years’ experience in a Security Operations Center role
Relevant security certifications required (at least one): CCNA, CompTIA Security+, CompTIA Network+, CompTIA CySA.
Relevant security certifications preferred but not mandatory: CEH, Splunk, CASP, CCNP.
Primary Location: CRI-Heredia
Function: Security Governance and Compliance
Schedule: Full time