The Entry Level Security Operations Center (SOC) analyst responsibilities include monitoring for security risks and acting upon information according to pre-defined procedures and thresholds. Analyst actions may include basic problem solving and issue remediation, as approved by SOC Leadership Team.
Analyst will apply analytical thinking and develop trends and patterns relevant to their daily work, to be reviewed by SOC Leadership Team.
Analyst may be required to participate in supporting activities requested by SOC Leadership Team during business disruptions and escalations.
Primary responsibilities will include but are not limited to pre-defined monitoring tasks, reviewing incoming emails or phone calls, and following established escalation procedures to engage appropriate parties, as required.
Candidate must have good analytic and communication skills and be capable of determining appropriate points of escalation.
Act as the initial point of contact for the SOC, reviewing incoming e-mails and receiving phone calls, performing triage and / or escalating as required.
Regularly check work queue for incoming assignments and complete all work daily.
Respond to work queue items utilizing pre-defined operational procedures
Execute daily pre-defined monitoring tasks
Utilize ticketing system to document all work steps taken
Categorize malicious activity into appropriate predefined categories.
Periodically analyze trends and patterns for work assigned
Triage with other SOC Analysts and SOC Leadership Team to discuss operational issues, trends, and patterns
Work with SOC Intermediate Level Analysts, or other members of Security, to respond to and / or hand off tickets
Escalate to SOC Leadership Team when ticket exceeds defined time to respond or when SOC Entry Level Analyst believes a risk needs further attention or oversight
Competencies / Skills required to be successful in role
Basic to medium knowledge of tools used for network security (DLP, NIPS, HIPS, AV, Firewalls, etc.)
Clear understanding of network protocols
Basic to intermediate knowledge of *nix and Windows operating system functionality
Strong analytical, documentation, and communication skills are a must
Experience developing intelligence reports, a plus
Experience in in-depth evaluation of disparate data sources (trends and reporting), a plus
Intermediate experience in malware analysis or exploit development
Experience reversing malware, a plus
Ability to communicate with both security leaders and technical analysts in a timely and concise manner
Experience with Splunk or other SIEMs
Bachelor’s degree in a technical field or equivalent experience (or in progress)
2+ years’ general Information Security experience
1+ years’ experience in a Security Operations Center role
Relevant security certifications required (at least one): CCNA, CompTIA Security+, CompTIA Network+, and / or CompTIA CySA.
Relevant security certifications preferred but not mandatory: CEH, Splunk, CASP, CCNP.
Primary Location: CRI-Heredia
Function: Security Governance and Compliance
Schedule: Full time