Senior Security Operations Analyst | Team Lead
Knoxville, Tennessee
Avertium
Avertium is a cyber fusion company with a programmatic approach to measurable cyber maturity outcomes. The Lead Security Operations Analyst collaborates closely with clients to deliver proactive support, minimizing security risks within their networks. You will be responsible for implementing and upholding security protocols spanning application, web, and infrastructure security with clients. You will also engage with various stakeholders across the client's organization, aligning business and IT security goals. In this role, you'll lead a team of analysts, overseeing daily SOC operations to ensure seamless delivery of cybersecurity services to our clientele. Your technical expertise, leadership abilities, and strong communication skills will be essential in maintaining the efficiency and effectiveness of our SOC operations.
Responsibilities:
- Monitor, respond to, and analyze SIEM alerts from monitoring tools.
- Mentor and lead a team of analysts.
- Create weekly and monthly status reports, including daily technical task reports and contract deliverables.
- Respond to security tickets escalated from clients, and work collaboratively with clients to resolve issues through multi-step breach and investigative analysis.
- Provide technical guidance to clients to enhance their overall security posture within the managed products. Handle daily incidents: monitor, track, analyze and record them.
- Collaborate with SIEM Engineers to develop and refine correlation rules.
- Work on complex tasks assigned by leadership, coordinate effort among L1, L2 and L3 Analysts.
- Assist in defining and driving strategic initiatives to improve SOC capabilities.
- Analyze packet captures and perform malware reverse engineering to identify and address malicious activity.
- Analyze phishing email attacks, including extracting links and/or files to determine what the attacker is trying to gain.
- Work with other IT professionals to resolve fast-moving threats such as spam, viruses, spyware and malware.
- Monitor security vulnerability information from vendors and third parties.
- Perform proactive threat hunting using industry tools and existing IDS systems.
Qualifications:
- Strong written, verbal and non-verbal communication skills, especially conveying complex information in an understandable manner.
- Experience with SIEM technology such as: AlienVault USM Appliance, USM Anywhere, LogRhythm, and/or Wazuh IDS highly preferred.
- CISSP, CISA or GIAC certification is a plus.
- 5+ years of experience working with Microsoft Active Directory.
- Experience in managing an organization's PCI, HIPAA, or SSAE16 certification is preferred.
- Ability to analyze and resolve complex technical and business problems.
- Must have proficient knowledge with three or more of the following technologies: Application / stateful / UTM firewalls; SIEM; DLP; Web content filtering; Web application firewalls (WAF); Vulnerability scanning and penetration testing; IPS/IDS; Security Operations Center operations; Wireless Networking; UNIX, AIX & Solaris, Linux, Windows Server Operating Systems; Endpoint and Malware.
- Knowledge of NIST, FISMA and DIACAP.
- Knowledge of Windows Server 2003-12, VMware and VM, and Unix server platforms.
- Working knowledge of analyzing IIS, SQL, firewall, IPS/IDS and Windows logs.
- Ability to analyze IANA assigned ports (well known, registered, dynamic and private ports).
- Ability to troubleshoot common network devices, networks, vulnerabilities and network attack patterns.
- Ability to interpret and troubleshoot Windows Event IDs.
- Ability to manage multiple tasks and projects simultaneously.
- Advanced network and systems certifications such as CCNP, CCNA and CISSP are preferred.
- Other industry certifications such as ITIL, Microsoft, Juniper and Checkpoint are a plus.
- Understanding of the Cyber Kill Chain and MITRE ATT&CK and experience applying them to defensive operations.
Avertium provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Tags: Active Directory AlienVault CCNP CISA CISSP Cyber Kill Chain DIACAP Firewalls FISMA GIAC HIPAA IDS IPS ITIL Linux LogRhythm Malware MITRE ATT&CK Monitoring NIST Pentesting Reverse engineering SIEM SOC Solaris SQL UNIX VMware Vulnerabilities Windows
Perks/benefits: Career development Competitive pay Unlimited paid time off