SOC II Analyst (SOC / IDS / IPS / SIEM)
Location: Atlanta, GA
Pay: $65,000.00 - $75,000.00 /Year
Name: Matt Doerner
SOC II Analyst (SOC / IDS / IPS / SIEM) | Buckhead
Optomi, in partnership with one of Atlanta's most renowned and respected banking institutions, is seeking a Tier II SOC resource who will be responsible for monitoring the Bank’s host, network, data, and application technologies for potential intrusions or other negative network security events. This role's primary responsibility is investigating alerts from the various security platforms in the Bank’s environment and facilitating investigations with the security team by gathering and reporting on data events. The review and action steps require a strong analytical mind that can take a security alert and investigate it across many systems.
What the right professional will enjoy!!
- Work in a fast-paced, leading-edge environment with a small team, wearing multiple hats
- Career growth! You won’t get siloed into a SOC or anti-virus team
- Very family-oriented, with an open-door policy for asking upper management for help, from the CIO down
- After the first 6 months, $1,500 toward certification training reimbursement
- Ability to stack your hours and bill for as many as they want, and bank holidays off!
- Flexible shift hours: come in early and leave early, or come in at 9.
The Right Candidate Must Have the Following Requirements:
- A minimum of 3 to 4 years of experience monitoring security tools, such as a Tier 1 or Tier 2 analyst within a security operations center.
- SQL Injection experience
- Experience hardening enterprise networks and advanced knowledge of the following network protocols: HTTP, HTTPS, FTPS, SFTP, SNMP, SMTP, SSH, SSL, RDP, and SIP.
- Hands-on experience with tools including IDS/IPS, SIEM, and web filtering solutions.
- Experience checking external IPs associated with alerts to determine if they are part of a known watch list.
- 2 years' experience working in depth with RSA Security Analytics
- High-level understanding of network and security concepts such as the OSI and TCP/IP models, operating systems, and the CIA triad.
- Understanding of web attack methods such as Cross-Site Scripting (XSS) and SQL Injection.
- Experience using tools to perform packet analysis.
- CISSP, CEH (Certified Ethical Hacker), SANS certification, or Security+ (preferred)
- Experience working with at least 3 of the following tools preferred: NetWitness, Blue Coat, McAfee IDS/IPS, McAfee ePO, Qualys, or Symantec.
- Analyze, troubleshoot, and investigate security-related information systems anomalies based on security platform reporting, network traffic, log files, and host-based and automated security alerts.
- Provide response support as needed for information security related events/investigations.
- Maintain and update relevant system and process documentation and develop ad-hoc reports such as activity statistics.
- Provide off-hours support on an infrequent, but as needed basis.
- Review, record, and action alerts from network and host-based security platforms such as:
  - Network-based Intrusion Detection/Prevention Systems (IDS/IPS)
  - Security Information & Event Management (SIEM) platform
  - Endpoint protection
  - Firewall and network access control lists
  - Web and e-mail proxy and filtering systems