SOC Analyst / Threat Hunter
Lehi, Utah
Podium
Effortlessly attract, manage and convert leads with simple AI tools for better communication and increased sales, all on one platform. Watch a demo today.At Podium, our mission is to help local businesses win. Our lead conversion platform, powered by AI and integrations, helps local businesses convert leads faster, communicate easier, and make more sales. Every day, thousands of local businesses utilize our review management, communication, marketing, and payments products.
Our work and focus on helping local businesses thrive has been recognized across the industry, including Forbes’ Next Billion Dollar Startups, Forbes’ Cloud 100, the Inc. 5000, and Fast Company’s World’s Most Innovative Companies.
At Podium, we believe in fostering a culture that thrives on hiring and developing exceptional talent. Our operating principles serve as a compass, guiding daily behavior and decision-making, and ensure we hire people who will thrive at Podium. If you resonate with our operating principles and are energized by our mission, Podium will be a great place for you!
The Role:
As a SOC Analyst at Podium, you will be responsible for activities related to monitoring and responding to security events. You will receive, research, triage and document all security events and alerts as they are received. You will support multiple security-related platforms and technologies, interfacing with others within the IT organization, as well as other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third-parties and other sources. You will also receive information sharing and analysis center (ISAC) information and will be expected to hunt for potential compromise across the infrastructure.
You will report to the Director of Security and act as an involved member of the SOC team. You must display an in-depth understanding of new trends and technologies related to IT security and compliance, and contribute to the company IT security strategy and roadmap.
Essential Job Duties
- As an active member of the team, monitor and process response for security events on a 24x7 basis.
- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
- Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
- Participate in threat modeling collaboration with other members of the security team.
- Leverage automation and orchestration solutions to automate repetitive tasks.
- Assist with incident response as events are escalated, including triage, remediation and documentation.
- Aid in threat and vulnerability research across event data collected by systems.
- Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.
- Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.
- Share information as directed with other team members and ISACs.
- Seek opportunities to drive efficiencies.
- Manage security event investigations, partnering with other departments (e.g., IT) as needed.
- Evaluate SOC policies and procedures, and recommend updates to management as appropriate.
- Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.
- Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
- Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security and data networking, to offer global solutions for a complex heterogeneous environment.
- Maintain working knowledge of advanced threat detection as the industry evolves.
- Perform other duties as assigned.
Skills and Experience
- 3-5 years of information security monitoring and response or related experience.
- Experience working in a 24x7 operational environment, with geographic disparity preferred.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.
- Knowledge of a variety of Internet protocols.
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
- Working knowledge/experience with network systems, security principles, applications and risk and compliance initiatives such as Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), Health Information Portability and Accountability Ace (HIPAA), Sarbanes-Oxley Act (SOX) and the General Data Protection Regulation (GDPR).
Additional Qualifications
- Demonstrate highly effective communications skills, with an ability to influence business units.
- Analytical and problem-solving mindset.
- Highly organized and efficient.
- Strategic and tactical thinking.
- Works calmly under pressure and with tight deadlines.
- Effective decision-making skills.
- Highly trustworthy; leads by example.
Certification Requirements
- Required SANS GCIH or GCIA; CISSP a plus.
Benefits:
- Open and transparent culture
- Life insurance, long and short-term disability coverage
- Paid maternity and paternity leave
- Fertility Benefits
- Generous vacation time, plus three 4-day summer holiday weekends
- Excellent medical, dental, and vision benefits
- 401k Plan with competitive company matching
- Bi-annual swag drops with cool Podium gear and apparel
- A stellar HQ (Utah) gym with local professional coaches and classes offered
- Onsite HQ (Utah) child care center, subsidized for employees
- Additional benefits for fully remote employees
Podium is an equal opportunity employer. Podium provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity or expression, age, disability, genetic information, marital status or veteran status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Business Intelligence CISSP Cloud Compliance GCIA GCIH GDPR GLBA HIPAA IDS Incident response Intrusion detection IPS Linux Monitoring SANS Security strategy SIEM SLAs SOC SOX Strategy Threat detection Threat intelligence TTPs UNIX Windows
Perks/benefits: 401(k) matching Fertility benefits Health care Insurance Medical leave Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs