POSITION TITLE: SOC Analyst
The SOC Analyst will manage the end‐to‐end operational deployment, verification, incident handling and
support of our Customers’ global SIEM as a Service infrastructure. This is an operational role and is
focused on delivering 24 x 7 responsibilities to our Customers.
This position is currently located in Stamford, CT.
- Provide operational and technical support to our Customers.
- Manage incident investigation, diagnosis and resolution of Customer security issues (alerts, H/W, etc.)
- Ensure all unresolvable cases are passed to the correct team for action as appropriate
- Manage the deployment, testing & maintenance of appropriate S/W or H/W levels as required by our Customers
- Ensure high level of quality when dealing with tickets, requests and customer queries
- Maintain the necessary system accesses and tools that allow you to perform the role
- Ensure documentation is maintained appropriately on Sharepoint & new documents are created/stored correctly
- Engage with Customers to build and maintain good, professional relationships
- Manage operational relationships with all relevant parties (e.g. working with Black Stratus to drive Customer issues & identification of solutions)
- Responsible for the application of IT Security Policy, processes & procedures to mitigate risks to our Customers
- May be required to provide on-call emergency support if the business requires it. Please note this would be done under a change to your Terms & Conditions, and your Contract would be amended to reflect the necessary payments.
- Where possible, provide OOH working to fulfill Customer requirements
- Provide product overview to customer
- Manage customer on‐boarding
- Participate in ORTs
- Prepare customer filter & tuning requests
- Arrange & manage customer tuning calls
- Prepare reports & distribute in readiness for customer tuning calls
- Arrange & manage customer calls
- Manage CSRs
- Manage Portal provisioning
- Arrange & manage client management calls (record outputs/actions appropriately)
- Create scheduled customer reporting, from existing reports, where appropriate
- Qualified to degree level, or equivalent professional experience and/or with recognized qualifications.
- Relevant experience of Network Security Systems & Operations
- Understanding of logging, both security and non‐security logs; must be able to provide examples of plaintext vs. binary and identify the benefits/limitations
- Knowledge of Linux/Unix and Microsoft Security Logging Policies (e.g. where they are implemented and why you don’t just log everything)
- Knowledge of Network Application Logs, especially Proxies, Web Application Firewalls, and Stateful Firewalls (e.g. what fields one sees in an Application log that one wouldn’t see in a Stateful Firewall log)
- Knowledge of Syslog, SNMP, WMI and the benefits and limitations of each
- Relevant experience of stakeholder management and excellent interpersonal skills – must be able to gauge their audience
- Relevant operational knowledge and experience of risk management
- Knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Center
- Holds appropriate level of Security Clearance
Excellent Benefits Package (medical, dental, vision, FSA, paid time off, 401k)