SOC Analyst

Encode, Inc. Published: January 6, 2016

<p><strong>Location:</strong> Tempe, AZ    *relocation assistance available*<br />
<strong>Duration:</strong> 3 years<br />
<strong>Shifts available:</strong> 8am-5pm; 4pm-1am; OR 12am-8am</p>
<p>Description:<br />
• Perform the initial investigation of security incidents<br />
• Handle communication and escalation throughout an incident according to the CSIRT guidelines<br />
• Communicate directly with data asset owners and business response plan owners during high-severity incidents<br />
• Hunt for suspicious or anomalous activity based on alerts and data output from the various toolsets<br />
• Perform analysis of log files<br />
• Take an active part in the containment of incidents, including after they have been escalated<br />
• Escalate issues when necessary<br />
Required skills:<br />
• Knowledge of network security zones, firewalls, and IDS<br />
• SOC experience<br />
• Hands-on incident detection and escalation<br />
• Knowledge of log formats for syslog, HTTP logs, and database logs, and how to gather forensic evidence that can be traced back to the originating event<br />
• Knowledge of packet capture and analysis<br />
• Experience with log management or security information management (SIM/SIEM) tools<br />
• Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat)<br />
• Ability to make information security risk determinations<br />
• Effective verbal and written communication skills<br />
• Experience with Linux and Windows operating systems.</p>
<p>Training, Qualifications, and Certifications Preferred:<br />
• SANS Security Essentials – SEC401 (GSEC certification optional)<br />
• SANS Intrusion Detection In-Depth – SEC503 (GCIA certification optional)</p>
