Security Operations Center (SOC) Analyst I

The Security Operations Center (SOC) Analyst I will analyze reports and make suggestions to improve partners and end customer's security posture. May participate in the creation and maintenance of policies, standards, and procedures. Acts as the administrator for security systems as assigned. Knowledgeable of the system's security goals as established by its stated policies, procedures, guidelines, and standards and works to achieve those goals. Conducts tasks and assignments as directed by the Manager IT Security. The SOC Analyst I is responsible for on time, on budget, high quality delivery of all projects and duties assigned. All employees must adhere to High Wire Networks, Inc. Core Values.

Essential Functions:
Monitor and analyze resources such as Stellar Starlight, QRadar, Alien Vault and others; data feeds of alerts and logs from firewalls, routers, and other network devices or hosts; and data feeds and/or alerts from network-based IDS/IPS to watch for security violations and determine vulnerabilities.
Conducts initial triage of security events and incidents. Facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle.
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
Performs Computer Security Incident Response activities for end client's Cloud, coordinates with other SOC and tenant's POC to record and report incidents.
Communicates alerts to Tenant POC regarding intrusions and compromises to their systems, applications, and operating systems.
Recommends modifications to monitoring tools and identifies opportunities to streamline process.
Review compliance reports and works with engineering staff to document deviations to compliance standards as needed.
Supports enterprise vulnerability scanning, penetration testing, and compliance tools (Nessus, Tripwire, DB Protect, etc.) Services and performs scanning for vulnerabilities and compliance to hardening guidelines.
• Prepares incident reports of analysis methodology and results.
• Provides support for enterprise SIEM implementation.
• Maintains current knowledge of relevant technology as assigned.
• Participates in On-Boarding new Tenants as required.

Non-Essential Functions or Skills:
• Support the SOC as needed.
• Flexibility - Adapt to changing environments or alternative methods
• Emotional Intelligence - Understand and react to others' emotions for high quality team output
• Customer Service - Able to meet customer expectations within project scope
• Additional duties as needed

Work Environment Expectations:
The SOC Analyst I's work environment will vary and is dependent upon the specifications and phase of each project or assignment. Work location may be at the client site, headquarters, or may work from home. The SOC Analyst I should expect and prepare for a variety environmental conditions and should report in advance any working conditions that he/she may believe will cause physical reactions, allergies, and/or air quality that may put them at risk. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Hours of Work - The hours of work will vary depending upon the demands of the customer, project, or assignment.

Physical Demands:
• The physical demands of the position described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, type, look at a computer for 2-3 hours at a time, stand, drive, reach, bend, lift objects up to 20lbs on occasion.

Skills and Competencies:
• Managing Priorities - ability to multi-task, making progress on multiple goals and/or assignments.
• Sense of Urgency - reacts quickly to resolve situations that may be detrimental to assignments/projects.

• Nimble - Ability to adapt quickly to an ever changing, dynamic IT industry.

• Problem-solving - able to review circumstances and participate in problem solving.
• Time Management skills - able to meet deadlines and set a fair pace for work.
• Independent - Can work with minimal direction, meeting the goals.
• Analytical - Able to assess circumstances and determine a course of action.
• Professional verbal and written communication skills - capable of contributing to Knowledge Management
• Strong organizational / business acumen - understands business structure and business strategies as they apply to project goals and outcomes.
• Tactical - Pays attention to the details and applies the strategy.
• Strong remote-collaboration and communication skills.
• Polite, respectful to others, professional.
Required Experience and Qualifications
• Associates degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or equivalent work experience, is required.
• Demonstrated experience with Windows and non-Windows server configuration, administration, and monitoring.
• Experience working in a process-oriented workflow environment.
• ITIL experience is preferred.
• Experience working with multi-tiered ticket handling/resolution systems.
Experience supporting large enterprise IT environments.

• Experience creating, modifying, and following standard procedural documents.
• Knowledge of the Jira ticketing platform preferred.
• US Military Service experience is highly preferred.

Other Skills/Abilities:

• CompTIA Security + Certification
• Ethical Hacking Certification (a plus)
• Unix, Linux, Oracle
• Microsoft Certified Professional Certification