Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per...
Reporting to the IT Security Manager, the IT SOC Analyst is a position based in Cary, NC / Vancouver, Canada / Bangalore, IN / Shannon, IE.
Characterize and analyze network traffic, logs and endpoint activity to identify anomalies, malicious or potential threats to Arista's assets; Perform event correlation using information gathered from a variety of sources (network and endpoint logs) to gain situational awareness to detect, confirm, contain, improve, and recover from attacks.
Respond to attacks found, interacting with users to remediate systems or repair damage caused.
Perform detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information; Determine tactics, techniques, and procedures (TTPs) for intrusions.
Isolate assets and remove malware; Reconstruct a malicious attack or activity based on malicious samples seen on endpoints, phishing emails or in network traffic; Perform root cause analysis.
Develop content for cyber defense tools; Help with the construction of signatures or indicators of compromise (IOCs) which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
Notify SOC managers and Security Analysts of suspected cyber incidents and share the event's history, status, and potential impact for further action following the cyber incident response plan and procedures.
Exercise a user-oriented approach while handling security incidents to ensure that user impact is minimized as much as possible and the situation is well articulated to users.
Document ongoing incidents, after action reports and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Work closely with the various IT teams to maintain workstation compliance with the security norms/standards.
Acknowledge, analyse and validate incidents received through other reporting mechanisms such as SIEM/ Monitoring platforms, email, phone calls, management directions, etc.
Administer security-dedicated systems (software, firewall management, EDR, NDR, log collection, reporting, analytics, cloud security consoles) as appropriate.
Work with internal teams to resolve computer security incidents and vulnerability compliance.
Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
Support Incident Response efforts - evidence collection, documentation, communications, and reporting.
Handle support of PC- and Mac-based users with security-related problems.
BA or BSc in Computer Science, Management Information Systems, Information Assurance or a related field (advanced degree desirable) with a minimum of 2+ years of work experience in the field of computer security.
Log correlation among network defense tools and endpoint security technologies
Expert knowledge of laptop operating systems (macOS, Windows and Linux) is desired.
Lead efforts during one or more phases of Incident Response lifecycle
Proven project management experience is a bonus, specifically experience in managing remote office configuration and bring-up and working with remote/off-site vendors.
Experience with recent cyber threats, and a desire to stay aware of them.
Preferred certifications: GCIH, GCFA, CEH, Network+, Security+ or equivalent industry standard certifications
Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
Knowledge of frameworks such as MITRE ATT&CK would be desirable.
This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.
Salary is competitive and commensurate with experience and qualifications.
All your information will be kept confidential according to EEO guidelines.