The Level 2 Security Operations Center (SOC) analyst responsibilities include monitoring for security risks and acting upon information according to pre-defined procedures and thresholds.
Daily responsibilities include monitoring of risks and acting upon information according to pre-defined use cases, custom-developed use cases and pattern analysis. Analyst actions include advanced problem solving and issue remediation, as approved by the SOC Front Line Manager.
The analyst will apply analytical thinking and develop trends and patterns relevant to their daily work, to be reviewed by the SOC Front Line Manager.
The analyst may be required to participate in supporting activities requested by the SOC Front Line Manager or SOC Manager during business disruptions and escalations.
Primary responsibilities will include but are not limited to daily monitoring of NSM solutions, performing initial triage of security events, and following established escalation procedures to engage appropriate parties as required.
In addition, the Level 2 SOC Analyst will serve as the primary point of escalation for Level 1 analysts; in that function the analyst will support Level 1 operations engaging Level 3 analysts and other support elements as required and will provide activity updates of SOC activities to the CTC team.
The candidate must have analytical and strong communication skills, be able to interpret diverse information security related elements, and be capable of determining appropriate points of engagement and escalation.
Regularly check the work queue for incoming work assignments and complete all work daily
Respond to work queue items utilizing pre-defined operational procedures
Execute daily predefined and custom use cases
Utilize ticketing system to document all work steps taken
Periodically analyze trends and patterns for work assigned
Responsible for after-hours on-call support of the SOC 24 / 7 operations
Triage with other SOC Level 2 Analysts, Technical Lead and SOC Front Line Manager to discuss operational issues, trends, and patterns
Work with SOC Level 1, 2 and 3 Analysts, or other members of Security, to respond to and / or hand off tickets
Escalate to the SOC Front Line Manager when a ticket exceeds the defined time to respond, or when the SOC Level 2 Analyst believes a risk needs further attention or oversight
Competencies / Skills required to be successful in role
Intermediate knowledge of tools used for network security (DLP, NIPS, HIPS, AV, firewalls, etc.)
Intermediate - Strong understanding of network protocols
Intermediate - Strong knowledge of *nix and Windows operating system functionality
Strong analytical, documentation, and communication skills a must
Experience developing intelligence reports, a plus
Experience in in-depth evaluation of disparate data sources (trends and reporting), a plus
Intermediate - Strong experience in malware analysis or exploit development
Experience reversing malware, a plus
Experience using IDA Pro, OllyDbg, WinDbg, or other applicable tools for reversing compiled code, a plus
Experience creating Indicators of Compromise (IOCs) from malware analysis for integration into operations
Experience in conducting investigations in support of criminal or civil litigation
Bachelor's degree in a technical field or equivalent experience
3+ years' general Information Security experience
2+ years' experience in a Security Operations Center role
Ability to communicate with both security leaders and technical analysts in a timely and concise manner
Relevant security certifications a plus (such as: CISSP, GCIA, GCIH, GREM, CEH, CSS, Security+, Network+, Splunk Certification, others), preferred but not mandatory
Primary Location: CRI-Heredia
Function: Security Governance and Compliance
Schedule: Full time