Gravity IT Resources
Job Title: Security Operations Center Analyst
Location: Miami, Florida – 4 days a week
Job-Type: Direct Hire
Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly (we are not open to contract or “corp to corp” agreements).
Overview: The Security Operations Center (SOC) Tier2 Analyst provides dedicated monitoring and analysis of cyber security events. The Tier2 Analyst will perform analysis of security events to include: validation, escalation & reporting of events of interest (EOI), and incidents. They are responsible for ensuring the SOC triage channels, and associated EOI are continuously monitored and reviewed.
- Ability to confidently and simply explain technical security issues without hype or buzzwords.
- Intermediate knowledge of popular SIEM platforms
- Create, modify, and remove security alerts based off of current and emerging threat landscape
- Provide knowledge of network monitoring, analysis, and configuration control technologies
- Propose new methods, solutions and integrations to better improve the SOC posture
- Provide analysis and trends of security log data from a large number of heterogeneous security devices
- Assist with escalations, reporting procedures and investigations
- Provide the various business units with incident response and threat and vulnerability management services as required by the business
- Provide Knowledge of TCP/IP communications and how common protocols and applications work at the network level to include DNS, HTTP, and SMB
- Provide knowledge of how the Windows file system and registry function
- Provide threat and vulnerability analysis as well as security advisory servicesAnalyze and respond to previously undisclosed software and hardware vulnerabilities
- Ensure audit trails, system logs and other monitoring data sources are operational
- Integrate and effectively share information with analysts, across teams (IT, Sec. Engineering, etc) and management
Education and Experience Requirements:
- 2+ years of experience working in a Security Operations Center
- Bachelors of Science or Bachelors of Arts degree preferred
- Preferred certifications: Network +, Security+, CEH, SSCP, CASP
This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.
- CYSA +, CASP+, CISSP, CEH, SANS Security and other industry and/or vendor specific security certifications highly desired
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
- Experience working in a 24/7 SOC environment or similar IT/Security environment
- Experience with common incident response tools and technologies
- Knowledge of UNIX operating systems and command line tools
- Knowledge of cyber threat capabilities and technical capabilities to defend networks and systems
- Knowledge of network operating systems, SLAs, and service expertise
- Possession of excellent oral and written communication skills to clearly and concisely document security incident details and escalate appropriately
- Excellent initiative and critical thinking skills
- Experience with either threat and vulnerability management (Rapid7-Nexpose preferred) or end-point security management (Cylance preferred).
This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.