About this role

Manage event and information intake to include intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and infrastructure groups as necessary.
Review incidents to assess their urgency and escalate incidents if necessary.
Triage alerts.
Correlate and analyze events and data to determine the scope of cyber security incidents.
Recognize attacker tactics, techniques, and procedures as potential indicators of compromise (IOCs) to improve monitoring, analysis, and incident response.
Assist in tuning SIEM and IDS alerting to reduce false positives, improve productivity, and improve detection capabilities.
Develop automation playbooks.
Provide prescriptive remediation guidance to IT and network teams.
Document incident responses with the detailed root cause and recommendations.
Provide 24x7 (on-call) support.

Associate's degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
Experience managing cases/incidents
Ability to think analytically
Robust creativity and problem-solving skills
Knowledge of technical systems and terminology
Proficiency in threat management analysis and dissemination
Proficiency in scripting languages
Advanced written and verbal communication skills

Security Operations Center Analyst

Key skills