Senior SOC Analyst (Tues to Sat | 9 AM to 5 PM EST)
Orlando, Florida, United States
We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences. NBCUniversal is a subsidiary of Comcast Corporation.
Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. Our Diversity, Equity and Inclusion initiatives, coupled with our Corporate Social Responsibility work, is informed by our employees, audiences, park guests and the communities in which we live. We strive to foster a diverse, equitable and inclusive culture where our employees feel supported, embraced and heard. Together, we’ll continue to create and deliver content that reflects the current and ever-changing face of the world.
NBCUniversal’s Cyber Threat Operations team is responsible for providing cyber threat intelligence, event analysis, incident response and threat hunting for all areas of NBCUniversal in a highly collaborative, fast paced, and agile fashion. As a member of the Cyber Response team, a candidate can expect to utilize their technical expertise to assess, contain, and remediate cyber threats. The Senior SOC Analyst is responsible for analysis, escalation and initial response actions of security events and alerts to incidents.
The ideal candidate would have a working knowledge of current and relevant security technologies and how to apply them to cyber event analysis and response actions. A clear investigative methodology with a focus on preserving evidence and analyzing data to form conclusions that will steer response directions. Experience analyzing and responding to security events and incidents with practical and working knowledge of response analysis methodologies and enhancing security response processes.
The role involves regular interaction with various groups and leadership within the organization in order to accomplish job responsibilities. Working under the direction of the Manager, Cyber Response, the successful candidate will be responsible for participating in the following activities:
- Day-to-day operational tasks related to the ongoing support of Cyber Operations.
- Responsible for documenting evidence throughout the incident life cycle, conducting shift handovers, escalating security events to incident response, and providing support during cyber security incidents
- Responsible for the ticket queue triage: prioritization, assignment and disposition of security incident tickets/events.
- Responsible for analyzing threat data from multiple sources and building evidence backed dispositions.
- Responsible for front line triage and response including some containment and remediation actions such as network isolation of hosts and blocking indicators of compromise within security perimeter tools.
- Analyst must keep detailed reports on all analysis activity, documented in the case management tool to validate process adherence.
- Responsible for contributing to the creation and updating of new and existing SOAR playbooks and runbooks and general response documentation
- Identify operational gaps in security processes and provide ideas for solutions
- Bachelor’s Degree in an IT related field and/or equivalent work experience
- Experience in analyzing cybersecurity events, and incidents
- MUST HAVE - Experience investigating network and host intrusions, malware, and phishing campaigns
- 4+ years working in Cyber Defense field with experience in Incident Response, Security Analysis or Security Operations Center (SOC). (not an entry level position)
- Previous experience supporting security response functions.
- Working knowledge of core Enterprise IT concepts (web application architectures, networking, etc.)
- Security experience with Cloud infrastructures (AWS, GCP, and/or Azure)
- Experience with host-based and network-based forensics tools and analysis
- Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them
- Knowledge of industry recognized security and analysis frameworks (Mitre ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.)
- Must be self-motivated and able to work both independently and as part of a team
- Strong communication (both verbal and written)
- Ability to be on call and provide support during nontraditional working hours
- Hands on experience working with Incident Response and Threat Monitoring SOC functions
- Previous experience providing incident response/SOC support
- Previous experience with various endpoint detection and response (EDR) technologies
- Previous experience working with various Forensics technologies to include EnCase, FTK, etc.
- Demonstrated experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
- Interest in conducting static, dynamic, or reverse engineering malware analysis
- Relevant certifications (GCIA, GCIH, GCFA, GNFA, etc.)
This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence.
This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $95,000 - $120,000
NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing AccessibilitySupport@nbcuni.com.
Tags: Agile AWS Azure Cloud Cyber defense EDR EnCase Firewalls Forensics GCFA GCIA GCIH GCP GNFA IDS Incident response IPS Malware MITRE ATT&CK Monitoring NIST Reverse engineering Security analysis SOAR SOC Threat intelligence
More jobs like this
Remote - Texas Remote - Texas Full TimeSenior Senior-levelUSD 150K - 190K USD 150K+
Sr Director Analyst, Technical Expert - SOC, SIEM, Network Security, Remote - USNetwork security Privacy SIEM SOC Strategy ZTNA
401(k) matching Career development Conferences Salary bonus Startup environment +1
Allen, TX, United States Allen, TX, United States Full TimeSenior Senior-levelUSD 52K - 98K * USD 52K+ *
CFC (Cyber Fusion Centre) Sr. Threat Detection Analyst I - US REMOTE ONLYAgile CERT Firewalls GIAC IDS Intrusion detection +9
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs