INTL INDIA - L2 SOC Analyst - #260514
Lensa
Date: 5 hours ago
City: Round Rock, TX
Contract type: Full time
Lensa partners with DirectEmployers to promote this job for Insight Global.
Job Description
Respond to security incidents and threat analysis.
Remediate high severity security incidents
Lead & participate in threat hunting and threat intelligence activities
Conduct advanced technical investigations for critical incidents paying attention to specific analysis and fast remediation advice with a focus on improving the customer security posture
Conduct analysis of infected hosts or analyze network traffic to identify attacker activity
Handle specific forensic and malware analysis, as well as complex log analysis requests
Perform event correlation review through incoming data feeds, ticketing systems and security alert mechanisms
Provide context on complex security incidents from Customer and other available resources, collect and assemble data, as well as contribute to technical reports
Utilize in-depth technical knowledge to design procedures for the detection of threat actors behavior, as well as develop and implement standard technical procedures (runbooks) to be used by the Security Monitoring team for day-to-day operations
Perform Event Stream tuning utilizing internal tools, metrics and experience involving key security concepts for systems efficiency
Review security related events assess their risk and validity based on available network, endpoint, and global threat intelligence information
Research and make recommendations for applying MITRE ATT&CK and NIST framework aligned strategies to the Customers environment
Guide and mentor fresh Cyber Security L1 Analyst in triaging activities
Accept work escalated by L1 Analysts for further analysis and reporting
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Skills And Requirements
Requires 5+ Years of experince. At least 3-4 years SOC.
Experience with Microsoft Sentinel or Crowdstrike EDR/XDR toolsets
Understanding of SIEM, Endpoint Security solutions, Linux and Windows operating systems, Honeypots, Sinkholes and Malware Sandbox Technologies
Incident Response & Threat Hunting Understanding
Understanding of threat intelligence and threat modeling concepts
Advanced knowledge of cybersecurity components, principles, practices, and procedures
Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
Ability to research about targeted threat groups and their tactics, techniques and procedures (TTP)
Understanding of vulnerability and exploit analysis
Experience in conducting network traffic analysis and the detection of malicious code on endpoint systems
In-depth understanding about Windows and Linux System internals (process tree, event IDs, registry, scheduled tasks, etc)
Ability to clearly communicate technical observations to a variety of audiences, and strong written and verbal presentation skills
Flexible to support team during Public Holidays either in shift or On Call support
Experience with creating rules for noise reduction (suppression, whitelisting, custom rules) Multiple security certifications from the following:
SANS GCIA, GCIH
CCNA, CCIE, NGFW Specialization
GREM, GCFE, OSCP (Threat Hunting specialist)
Secureworks null
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].
If you have questions about this posting, please contact [email protected]
Job Description
Respond to security incidents and threat analysis.
Remediate high severity security incidents
Lead & participate in threat hunting and threat intelligence activities
Conduct advanced technical investigations for critical incidents paying attention to specific analysis and fast remediation advice with a focus on improving the customer security posture
Conduct analysis of infected hosts or analyze network traffic to identify attacker activity
Handle specific forensic and malware analysis, as well as complex log analysis requests
Perform event correlation review through incoming data feeds, ticketing systems and security alert mechanisms
Provide context on complex security incidents from Customer and other available resources, collect and assemble data, as well as contribute to technical reports
Utilize in-depth technical knowledge to design procedures for the detection of threat actors behavior, as well as develop and implement standard technical procedures (runbooks) to be used by the Security Monitoring team for day-to-day operations
Perform Event Stream tuning utilizing internal tools, metrics and experience involving key security concepts for systems efficiency
Review security related events assess their risk and validity based on available network, endpoint, and global threat intelligence information
Research and make recommendations for applying MITRE ATT&CK and NIST framework aligned strategies to the Customers environment
Guide and mentor fresh Cyber Security L1 Analyst in triaging activities
Accept work escalated by L1 Analysts for further analysis and reporting
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Skills And Requirements
Requires 5+ Years of experince. At least 3-4 years SOC.
Experience with Microsoft Sentinel or Crowdstrike EDR/XDR toolsets
Understanding of SIEM, Endpoint Security solutions, Linux and Windows operating systems, Honeypots, Sinkholes and Malware Sandbox Technologies
Incident Response & Threat Hunting Understanding
Understanding of threat intelligence and threat modeling concepts
Advanced knowledge of cybersecurity components, principles, practices, and procedures
Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
Ability to research about targeted threat groups and their tactics, techniques and procedures (TTP)
Understanding of vulnerability and exploit analysis
Experience in conducting network traffic analysis and the detection of malicious code on endpoint systems
In-depth understanding about Windows and Linux System internals (process tree, event IDs, registry, scheduled tasks, etc)
Ability to clearly communicate technical observations to a variety of audiences, and strong written and verbal presentation skills
Flexible to support team during Public Holidays either in shift or On Call support
Experience with creating rules for noise reduction (suppression, whitelisting, custom rules) Multiple security certifications from the following:
SANS GCIA, GCIH
CCNA, CCIE, NGFW Specialization
GREM, GCFE, OSCP (Threat Hunting specialist)
Secureworks null
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].
If you have questions about this posting, please contact [email protected]
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Crew Leader
Atmos Energy,
Round Rock, TX
3 weeks ago
At Atmos Energy, we enjoy an employee-focused culture with rewarding work, competitive pay, work-life balance, inclusion and diversity, and excellent benefits. Benefits offered include: Medical & Prescription Drug Coverage 401K/Retirement Savings Plan Dental Insurance Vision Insurance Basic Life Insurance Short- and Long-Term Disability Employee Assistance Program Company Holidays & Paid Time Off Flexible Spending Account (FSA) Health Savings Account (HSA)...
Part-Time Beauty Advisor - Sephora
FashionUnited,
Round Rock, TX
3 weeks ago
About The Role As Beauty Advisor, you will drive sales through an authentic passion for beauty and engage clients by identifying their needs with a consultative approach and ensure an excellent overall client experience. You will maintain expert knowledge of top beauty brands, execute merchandise sets and support replenishment and visual standards according to Sephora at Kohl’s standards. What You’ll...
Clinical Sales Liaison Full Time
ScionHealth,
Round Rock, TX
4 weeks ago
Description At ScionHealt h, we empower our caregivers to do what they do best. We value every voice by caring deeply for every patient and each other. We show courage by running toward the challenge and we lean into new ideas by embracing curiosity and question asking. Together, we create our culture by living our values in our day-to-day interactions...
