Security Operations Center (SOC) Engineer

Who We Are:

We are a privately owned leading Managed IT Services company (Managed Service Provider). Since 1997 we have specialized in providing managed IT services and managed security services for our clients. which are made up of small to medium-sized enterprises. We are looking for highly passionate individuals to join our team to help and drive the growth and success of our company.

Job Description:

ICE Consulting is seeking a talented Security Operations Center (SOC) Engineer to join our Team. The Security Operations Center Engineer role requires the individual to work as part of the Security Operations Center (SOC) team and help in monitoring and analyzing the environment, identifying, and responding to security threats that put the company at risk. The engineer will own leading-edge solution/s that are intended to improve the security posture of the company. With his domain expertise, the engineer is expected to provide thought leadership and provide sound technical mentorship on how to respond and analyze to security incidents based on security best practices.

Requirements

Essential Responsibilities:

• Own and operate most important security solutions designed to protect the company from cyber threats and attacks
• Lead in deploying new solutions and technologies to improve the security posture of the company.
• Continuous fine-tuning of our security solutions to reduce the occurrence of false positive and false negative alerts
• Working knowledge of client audit compliance which include but not limited to HIPPA, NIST, HiTrust, SOC2, and FDA
• Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.
• Perform platform health checks to ensure that our security solutions are operating effectively and efficiently
• Drive continuous improvement to reduce threat dwell time in our environment through automation, process simplification, among others.
• Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intel, and other internal organizations to achieve the shared vision of improving the company’s cyber security posture.
• Conduct incident response, identify vulnerabilities, and consult on remediation steps.
• Use tools to respond to incidents, and actively improve the cyber security posture of the company.
• Effectively communicate technical information to non-technical audiences and influence others to follow policies and conform to standards and methodologies.
• Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles
• Champion security standard methodologies across the organization
• Help to develop client Incident Response Plan (IRP)
• Working knowledge and experience with the MITRE framework for cyber adversary tactics and techniques
• Must have working knowledge of Securonix, Rapid7 or Alienvault.

Qualifications:

Should have deep technical knowledge of the following:

• Malware Analysis – ability to perform complex analysis to understand the properties and behaviors of a malware and propose effective countermeasures and mitigation strategies
• User behavior Analysis – ability to piece together user activities to recognize patters of malicious behaviors
• Log Analysis and Correlation
• Enterprise Endpoint Security and Email Security
• Network Security (IPS/IDS), Security protocols and Operating Systems (Windows, Unix, Linux)
• Cloud Security (AWS, Azure, GCP)
• Preferably with relevant experience on key leading-edge security solutions such as Fire Eye, Proofpoint, Imperva, etc.
• Certification *Preferred*: CEH, CISSP, CCNA, OSCP
• Ability to work with diverse groups such as the Cyber Incident Response team (CIRT), Penetration Testing team, etc. to mitigate a security threat
• Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical / IT field.