The KYO Group - SOC Analyst
Position: 2nd and 3rd shift SOC Analyst
Skills required:
- Professional communication
- Experience with SIEM tools
- Endpoint Detection & Response
- Attention to detail with an investigative mindset
ABOUT THE JOB
Primary Responsibilities:
- Alert Investigation: Continuously monitor security alerts and notifications from various security information and event management (SIEM) tools, intrusion detection/prevention systems (IDS/IPS), firewalls, Endpoint Detection & Response (EDR), and other security platforms. Conduct initial triage of alerts to determine the potential severity and legitimacy of the threat. Investigate suspicious activity to identify security events or incidents.
- Phishing Investigation: Manage and analyze reported suspicious emails. Determine the legitimacy or malicious intent of the emails and categorize them for tracking and reporting.
- Incident Identification & Escalation: Identify potential security incidents through real-time analysis of security events. Escalate validated incidents to Tier 2 or Tier 3 analysts with detailed information on the nature and scope of the incident.
- Basic Threat Intelligence and Analysis: Provide basic correlation and context to identify trends in security events that may indicate ongoing or emerging threats. Document findings and share key insights with senior SOC analysts and security management for further investigation.
- Follow Standard Operating Procedures (SOPs): Adhere to established security SOPs for responding to incidents, reporting anomalies, and escalating security issues.
- Experience working with users/clients outside of your organization, with a customer service focus.
- Other Duties: Be adaptable and perform additional responsibilities as assigned by management to support the MSSP's evolving needs.
Qualifications:
- Working knowledge of policies, procedures, and protocols of a Security Operations Center
- Knowledge of security tools and technologies, including SIEM, EDR, Firewalls, IPS/IDS, Threat Intel, Email Security, and Microsoft Cloud Platforms
- Understanding of security frameworks and incident response frameworks
RESPONSIBILITIES
- Continuously monitor security alerts and notifications from various security platforms such as SIEM tools, IDS/IPS, firewalls, EDR, etc.
- Conduct initial triage of alerts to determine the potential severity and legitimacy of the threat.
- Investigate suspicious activity to identify security events or incidents.
- Manage and analyze reported suspicious emails to determine their legitimacy or malicious intent.
- Identify potential security incidents through real-time analysis of security events and escalate validated incidents.
QUALIFICATIONS
- Professional communication
- Experience with SIEM tools
- Endpoint Detection & Response
- Attention to detail with an investigative mindset
- Working knowledge of policies, procedures, and protocols of a Security Operations Center
- Knowledge of security tools and technologies including SIEM, EDR, Firewalls, IPS/IDS, Threat Intel, Email Security, and Microsoft Cloud Platforms
- Understanding of security frameworks and incident response frameworks
ADDITIONAL ELIGIBILITY
None
TARGET MOCS
All MOCs
ELIGIBLE SERVICE BRANCHES
All Services
PROGRAM COST
$0.00
OTHER
None