Information Security Operations Analyst
H, Heredia, CR
36 days ago

Summary Description

The Level 2 Security Operations Center (SOC) analyst responsibilities include monitoring for security risks and acting upon information according to pre-defined procedures and thresholds. Daily responsibilities include monitoring of risks and acting upon information according to pre-defined use cases, custom developed use cases and pattern analysis. Analyst actions include advanced problem solving and issue remediation, as approved by SOC Front Line Manager.

Analyst will apply analytical thinking and develop trends and patterns relevant to their daily work, to be reviewed by SOC Front Line Manager.

Analyst may be required to participate in supporting activities requested by SOC Front Line Manager or SOC Manager during business disruptions and escalations.

Primary responsibilities will include but are not limited to daily monitoring of NSM solutions, performing initial triage of security events, and following established escalation procedures to engage appropriate parties as required.

In addition, the Level 2 SOC Analyst will serve as the primary point of escalation for Level 1 analysts; in that function the analyst will support Level 1 operations engaging Level 3 analysts and other support elements as required and will provide activity updates of SOC activities to the CTC team.

Candidate must have analytic and strong communication skills, be able to interpret diverse information security related elements, and be capable of determining appropriate points of engagement and escalation.

Key Responsibilities

  • Regularly check work queue for incoming work assignment and complete all work daily
  • Respond to work queue items utilizing pre-defined operational procedures
  • Execute daily predefined and custom use cases
  • Utilize ticketing system to document all work steps taken
  • Periodically analyze trends and patterns for work assigned
  • Responsible for after-hours on-call support of the SOC's 24/7 operations
  • Triage with other SOC Level 2 Analysts, Technical Lead and SOC Front Line Manager to discuss operational issues, trends, and patterns
  • Work with SOC Level 1, 2 and 3 Analysts, or other members of Security, to respond to and/or hand off tickets
  • Escalate to SOC Front Line Manager when ticket exceeds defined time to respond or when SOC Level 2 Analyst believes a risk needs further attention or oversight

Competencies / Skills required to be successful in role

  • Intermediate knowledge of tools used for network security (DLP, NIPS, HIPS, AV, firewalls, etc.)
  • Intermediate - Strong understanding of network protocols
  • Intermediate - Strong knowledge of *nix and Windows operating system functionality
  • Strong analytical, documentation, and communication skills a must
  • Experience developing intelligence reports, a plus
  • Experience of in-depth evaluation of disparate data sources (trends and reporting), a plus
  • Intermediate - Strong experience in malware analysis or exploit development
  • Experience reversing malware, a plus
  • Experience using IDA pro, OllyDbg, WinDBG, or any other applicable tools for reversing of compiled code, a plus
  • Experience creating Indicators of Compromise (IOCs) from malware analysis for integration into operations
  • Experience in conducting investigations in support of criminal or civil litigation

Educational Requirements

  • Bachelor's degree in a technical field or equivalent experience
  • 3+ years' general Information Security experience
  • 2+ years' experience in a Security Operations Center role
  • Ability to communicate with both security leaders and technical analysts in a timely and concise manner
  • Relevant security certifications a plus (such as CISSP, GCIA, GCIH, GREM, CEH, CSS, Security+, Network+, Splunk Certification, others), preferred but not mandatory

Primary Location: CRI-Heredia

Function: Security Governance and Compliance

Schedule: Full time
