Security Threat Analyst

Job Summary:   

Entry level position in the SOC team.  Triage specialist whose responsibility is to review real-time event data, monitor alert queue on a rotating 24 x 7 x 365 basis, and to determine relevance and urgency of the threat alerts.  Perform initial analysis and response to incidents.  Monitors health of security sensors and endpoints, keeping abreast of intelligence from IT security community and other industry sources.  Conducts asset discovery and vulnerability scanning; track and monitor remediation efforts including report preparations.

Specific Duties & Responsibilities:

• Continuously monitor security events from various SOC log sources, and analyze threat alerts to determine relevance and urgency (triaging).
• Monitors health of security sensors and endpoints
• Perform system/network inventory and validation, log collection, investigate threat alerts to reach the root cause and respond to incidents/threat alerts.
• Prepare alert tickets, collects alert information, follow incident playbooks and provide the context of an incident to L2 analyst for further investigation and resolution.
• Runs vulnerability scans and reviews vulnerability assessment reports.
• Manages security monitoring tools, enroll log sources and provides input on tuning and optimizing security systems.
• Develops and implement security event and threat detection logic (Use Cases)
• Provide input to constantly improve SOC security process, policies, procedures and incident response playbooks.
• Staying up-to-date with emerging security threats and vulnerabilities including applicable regulatory security requirements.
• Other tasks that may be assigned

Job Summary:   

Entry level position in the SOC team.  Triage specialist whose responsibility is to review real-time event data, monitor alert queue on a rotating 24 x 7 x 365 basis, and to determine relevance and urgency of the threat alerts.  Perform initial analysis and response to incidents.  Monitors health of security sensors and endpoints, keeping abreast of intelligence from IT security community and other industry sources.  Conducts asset discovery and vulnerability scanning; track and monitor remediation efforts including report preparations.

Specific Duties & Responsibilities:

• Continuously monitor security events from various SOC log sources, and analyze threat alerts to determine relevance and urgency (triaging).
• Monitors health of security sensors and endpoints
• Perform system/network inventory and validation, log collection, investigate threat alerts to reach the root cause and respond to incidents/threat alerts.
• Prepare alert tickets, collects alert information, follow incident playbooks and provide the context of an incident to L2 analyst for further investigation and resolution.
• Runs vulnerability scans and reviews vulnerability assessment reports.
• Manages security monitoring tools, enroll log sources and provides input on tuning and optimizing security systems.
• Develops and implement security event and threat detection logic (Use Cases)
• Provide input to constantly improve SOC security process, policies, procedures and incident response playbooks.
• Staying up-to-date with emerging security threats and vulnerabilities including applicable regulatory security requirements.
• Other tasks that may be assigned