DescriptionWe are looking for professionals with experience protecting critical infrastructure to help us defend cloud infrastructure. Our team is skilled in threat hunting, analyzing indicators of compromise (IOCs), investigating adverse security events, security incident management, and digital forensics across IaaS, PaaS and SaaS environments. You will be part of a corporate security operations center responsible for defending infrastructure from adversaries and insider threats. This includes using tools to analyze and respond to threats, creating tools/scripts to aid in analysis, and responding in real time to adverse security events. Our team is the last line of defense if security controls are breached. We are expanding the team and working on ambitious new initiatives.
The Tier 2/3 SOC Analyst will leverage advance security tooling and automation to rapidly detect and respond to real-time security alerts and events and conduct detailed root cause investigations. The analyst will work closely with Tier 1, forensics, incident response, and engineering partners to mitigate a wide variety of threats and malicious activity. Career Level - IC3ResponsibilitiesKey Responsibilities
Support shifts and on call rotations
Detect and respond to security events and threats from alerting, escalations, and other sources
Lead complex investigations and conduct deep analysis of security events focused on rapid containment, remediation, and mitigation
Work closely with security engineering teams to improve monitoring, detection, and tooling
Understand the threat landscape, emerging trends, and incorporate this understanding into day-to-day security monitoring
Operate SOC technologies, including but not limited to a Security Information Event Management (SIEM) platform, Intrusion Detection Systems (IDS), SOAR, Firewalls, Anti-Malware solutions, and insider threat tooling
Assist with security incident response activities
Prepare assigned reports for the SOC shift Lead
Provide high quality written and verbal reports as required
Actively monitor and respond the SIEM alert queue and triage alerts
Investigate alerts using standard operating procedures
Monitor several screens, systems, and alerts simultaneously
Must be an Irish Citizen. The role is a remote position that may require shift work including nights and weekends.
Preferred Qualifications
Two plus years of Incident Response, Security Operations Center, and/or Forensic Analyst experience
Comfortable working in an ambiguous, fast-paced, unpredictable environment
Experience working in a highly collaborative, team centric, event driven operations team
Experience with querying across large data sets to understand complicated and difficult to solve problems
Strong attention to detail
Experience in one or more of the following fields of work: National security, military, federal intelligence, law enforcement, criminology, and/or foreign areas and language
Experience with variety of operating systems and threats that target them including Windows, UNIX/LINUX, and MacOS
Experience performing open source research on a variety of topics
Excellent verbal/non-verbal communication skills with proficient ability to deliver technical information to non-technical staff