Soc Analyst Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the SOC analyst job. It's actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Braeden Labadie
4295 Sydni Prairie
Los Angeles, CA
Phone: +1 (555) 662 8730
Experience
Soc Analyst
Jacobson-Sporer, Chicago, IL
- Work as part of a growing team to disseminate information to others, which helps us continually improve
- Monitor security solutions: SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, log aggregation tools
- Perform technical analysis of network activity; monitor and evaluate network flow
- Provide real-time guidance to customers on network configuration, security settings and policies, and attack mitigation procedures
- Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
- Analyze network flow data for anomalies and detect malicious network activity
SOC Analyst
Mayer-Stark, Boston, MA
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Provide network intrusion detection expertise to support timely and effective decision making on when to declare an incident
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information
Senior SOC Analyst, present
Ebert, O'Hara and Hermann, Boston, MA
- Ensure the SOC analyst team is providing excellent customer service and support
- Influence and improve upon existing processes through innovation and operational change
- Evaluate existing technical capabilities and systems and identify opportunities for improvement
- Interpret information provided by tools to form a sound hypothesis regarding the root cause of an event
- Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Create new ways to solve existing production security issues
- Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment
Education
Bachelor's Degree in Computer Science
Seton Hall University
Skills
- Strong knowledge and demonstrable experience of information security technologies and methods
- Knowledgeable in IP networks, with network infrastructure experience
- Analytical thinker with strong attention to detail
- Strong troubleshooting/problem-solving ability
- Proficiency with IDS/IPS technologies, such as Snort, SourceFire, Proventia; working knowledge of Linux and/or Windows systems administration (including AD)
- Natural curiosity and ability to learn new skills quickly
- Ability to perform and interpret vulnerability assessments
- Ability to excel in a fast-paced, challenging operations environment with 24/7 shifts
- Ability to administer the operations of a security infrastructure
1
Senior SOC Analyst Resume Examples & Samples
- Assist in the collection and production of tracking metrics
- Capable of working independently and involving leadership as necessary
- Identify and propose areas for improvement within the SERT and the Threat Management department
- Information Security Principles, Technologies, and Practices
- Knowledgeable in legal issues within information security environments (i.e., data privacy)
- Minimum of 4-6 years of experience in one or more of the following
- Experience investigating security events, threats and vulnerabilities
- Understanding of electronic investigation, forensic processes and methodologies including: log correlation and analysis, forensic handling of electronic data, and knowledge of the computer security investigative processes
- Desired: Experience with Perl, Python, or PowerShell scripting
2
O&t-soc Analyst Resume Examples & Samples
- 4 years working in the security & operations fields
- Bachelor's degree or higher preferred
- Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge and Cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
- Ability to read and understand packet level data
- Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc)
- Host Security Products (HIPS, AV, scanners, etc)
3
O&t-soc Analyst Resume Examples & Samples
- Analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, firewalls, antivirus systems and proxy devices (ArcSight, Arbor Peakflow, SourceFire, Palo Alto Networks, etc.), which requires demonstrable security incident response experience
- Follow pre-defined actions to handle BAU and high severity issues, including escalating to other support groups. Execute daily ad hoc tasks or lead small projects as needed
- Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability & Threat Management process
- 4+ years working in the security & operations fields. Bachelor's Degree or higher preferred
- Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc)
- Host Security Products (HIPS, AV, scanners, etc)
4
Lead SOC Analyst Resume Examples & Samples
- Manage a global team responsible for operating the SIEM solution; provide the team with technical guidance
- Provide oversight and direction in the management of the information security monitoring capability as a whole – process and technology
- Maintain, manage, and update the process for the operating model for the security monitoring capability
- Mentor and train new personnel
- Direct the CDRC team throughout the security event resolution process
- Manage and improve information security documentation as required
- Work with other operational teams to resolve incidents and report on events
- Provide support during and lead security event investigations when required
- Lead and/or assist in the resolution of security events by identifying root cause and solutions
- Help analyze findings in investigative matters, and develop fact-based reports of events over a period of time
- Knowledgeable in legal issues within information security environments (e.g., data privacy)
- Excellent leadership and teaming skills with domestic and internationally located teams
- Good social, communication, and technical and general writing skills
- Excellent ability at building relationships with other organizational groups
- 6+ years of experience in one or more of the following
- Deep understanding of security threats and vulnerabilities
- Understanding of electronic security event management, investigation, and methodologies. Including: log correlation and analysis, knowledge of the computer security investigative processes
- Basic understanding of the legalities surrounding electronic discovery and analysis
- Familiar with basic system administration functions for Windows and Unix platforms
5
Soc Analyst Resume Examples & Samples
- Work with the operation of current and future toolsets that will support the BBC SOC, as per the current understanding of future scenarios, namely alerting, monitoring and reporting, at the request of the SOC Specialist
- Assist in the development of long and short term technical capabilities, including software and hardware requirements; gather business requirements; develop initial findings and work to agree a prioritised list of technical capabilities and projects
- Ensure that SOC delivery for Information Security aligns with ISGC policies, related standards and guidelines, at the request of the Governance Specialist
- Assist the SOC Specialist in ensuring all relevant technical standards and policy documentation is reviewed and maintained throughout each of the SOC technical capabilities
- Assist the SOC Specialist with the management of technical relationships with key personnel within BBC technology providers and ensure that all issues or problems are followed up and dealt with appropriately
- Proven technical ability and experience in Unix/Linux, etc.
- Proven technical ability and experience within Microsoft Windows (including servers)
- Proven technical ability with networking systems, e.g. firewalls, network switches, etc.
6
Senior Soc Analyst Team Lead Secure Works Resume Examples & Samples
- Create customized KPIs and metrics to measure the success of the SOC or Operations functions
- Create and deliver SOC Standard Operating Procedures, process frameworks, and work stream training for both new analysts and refresher training for seasoned analysts
- Maintain awareness of changing trends, technologies, and regulations which might affect the SOC. Determine the appropriate course of action if needed
- Member of team responsible for monitoring and resolution of security incidents within established customer Service Level Agreements
- Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM tools, network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, midrange, applications and databases
- Collaboration with Line of Business technical teams for issue resolution and mitigation
- Provide antivirus & anti-malware application administration and management using Trend Micro, McAfee and Microsoft Forefront
- Provide workstation Full Disk Encryption (FDE) and External Media Data Protection administration and management (using Symantec PGP or another solution)
- Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications (such as Qualys)
- Maintain knowledge and attend briefings from the SecureWorks Counter Threat Unit (CTU)
- Provide desktop recovery support to include daily operational incident response support as well as potential on-call support
7
Soc Analyst Resume Examples & Samples
- Help to build relationships with teams across the corporation to understand current and future security threats and vulnerabilities with the support of the Security Operations Centre (SOC) Specialist
- Good knowledge of security issues inherent in corporate environments, e.g. phishing, DDoS attacks, malware, etc.
- Proven technical ability and experience in Unix/Linux, etc
- Proven technical ability with networking systems – e.g. Firewalls, network switches, etc
8
Senior IT SOC Analyst Resume Examples & Samples
- Analyze and review escalated cases until closure. This includes investigating and recommending appropriate corrective actions for cyber security incidents
- Perform post mortem analysis on logs, traffic flows, and other activities to identify malicious activity
- Reverse engineer and analyze binaries, files, and other malicious attack artifacts, or consult with outside vendors on these tasks, as appropriate
- Perform network and system forensics, or consult with outside vendors on these tasks, as appropriate
- Provide guidance and work leadership to less-experienced technical staff members
- Conduct all-source analysis and produce all-source intelligence products
- Maintain a high state of situational awareness regarding threats to the organization/industry
- Advise SOC and IT personnel on operations, tuning, configuration and maintenance of security tools
- 5+ years of IT experience, with a minimum of 2 years in a SOC Analyst or related role
- Proficiency with operating systems including UNIX, Linux, or Windows and general working knowledge of TCP/IP and SSL/TLS
- Experience working with Security Information and Event Management (SIEM) solutions
- Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages
- Proven ability to sort and prioritize events and discern potential threat levels
- Experience creating and implementing efficient processes
- Excellent ability to communicate and partner with business stakeholders, peers, and outside vendors
- Experience in a global retail environment preferred
9
Lead SOC Analyst Resume Examples & Samples
- Respond to network and host based security events
- Provide coaching, documentation, scheduling, and project support
- Perform troubleshooting hands-on maintenance on the monitoring infrastructure
- Information Security Principles, Technologies, and Practices
- Comfortable navigating and troubleshooting Linux and Windows system issues
- Minimum of 5-7 years of experience in one or more of the following
- Working in a Network or Security Monitoring environment
- Understanding of electronic investigation, forensic processes and methodologies including log correlation and analysis, forensic handling of electronic data, and knowledge of investigative processes
- Experience leading or managing a team in a security related function
- Desired: Experience with Perl, Python, or PowerShell scripting. Systems Administration Background
10
Senior SOC Analyst Resume Examples & Samples
- At least 12 months experience in pure SOC Analyst position
- Incident response experience either in a consultancy or in-house SOC team
- Demonstrable experience in using Security Monitoring systems and tools (e.g. SIEM, IDS/IPS, DLP)
- Perimeter and host security intrusion techniques
- Network Protocols
- Threat Intelligence
11
Soc Analyst Resume Examples & Samples
- Analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, firewalls, antivirus systems and proxy devices, which requires demonstrable security incident response experience
- Follow pre-defined actions to handle BAU and high severity issues, including escalating to other support groups. Execute daily ad hoc tasks or lead small projects as needed
- Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
- Experience in web development and programming languages, e.g. Java, XML, Perl and HTML
- Knowledge of cutting edge threats and technologies affecting web application vulnerabilities and recent internet threats
- A good understanding of security, web-based and infrastructure vulnerabilities is required
- Certifications from EC-Council, GIAC, (ISC)² or Cisco are preferred [CISSP, C|EH, GCIA, CCNA]
12
Soc Analyst Resume Examples & Samples
- AV Event monitoring and incident identification
- Policy and endpoint management configuration
- Produce situational reports as required
- Seek out and identify anomalous activity and behaviours
- Provide technical risk assessments as required and deliver recommendations and mitigation options
- Liaise with infrastructure service teams to ensure any incidents are handled efficiently
- Experience with enterprise AV management solutions such as Symantec, McAfee EPO, Sophos etc
- Investigating and validating current AV management policies and configurations
- Proven ability to keep abreast of developments in information security
- Outstanding verbal and written communication skills
- Migration experience between AV management platforms either at major version revisions or between differing vendor platforms
- Development, deployment and maintenance of new AV policies
13
Soc Analyst Resume Examples & Samples
- Event monitoring and incident identification
- Produce situational reports from both SIEM and other service reporting tools
- Support and manage vulnerability assessment programmes
- Liaise with infrastructure service teams to ensure any incidents are handled efficiently
14
Soc Analyst Resume Examples & Samples
- Analyzes, selects, and recommends installation of moderately complex security software, locks, alarm systems, and other security measures to prevent hackers from infiltrating company information
- Investigates attempted efforts to compromise security protocols. Escalates issues to higher level associates; recommends and implements safeguards and solutions
- Monitors and analyzes moderately complex security systems for routers, switches and firewalls to ensure proper connectivity and configuration
- Reviews computer logs and messages to identify and report possible violations of security. Coordinates, documents, and reports on internal investigations of security violations
- Conducts tests on existing complex data security architecture to determine degree of stability
- Interacts with client management to understand their security needs. Assists in defining and developing safeguards and solutions based on client's needs; implements procedures to accommodate them
- Reviews security status reports to oversee system status and potential and actual security violations. Writes reports and communicates to management/client findings
- Bachelor's degree in information systems security, computer science, or related field preferred
- Four or more years of experience in information systems security
- Experience working with domain structures and digital signatures
- Experience working with operating systems
- Experience working with firewall theory and configuration
- Experience with networking
- Good communication skills to interact with team members, management, and support personnel
- Good analytical and problem solving skills for design, creation and testing of complex security systems
15
Soc Analyst Resume Examples & Samples
- Participate in detecting, investigating, and resolving security events
- Capable of working independently and involving senior analysts as necessary
- Identify and propose areas for improvement within the Cyber Defense Response Center
- Provide documentation and project support
- Proven experience with at least one security platform (IDS/IPS, Firewall, Vulnerability Scanner)
- Good social, communication and technical writing skills
- Minimum of 1-2 years of experience in one or more of the following
- Understanding of electronic investigation and log correlation
- Proficiency with IDS/IPS technologies, such as Snort, SourceFire, Proventia; working knowledge of Linux and/or Windows systems administration (Including AD)
16
Senior SOC Analyst Resume Examples & Samples
- Conduct in- depth, thorough analysis of network traffic and host activity across a wide array of technologies and platforms
- Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
- Assist and mentor less experienced analyst staff regarding analysis, investigations, and incident response
- Evaluate existing technical capabilities and systems and identify opportunities for improvement
- Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment
- Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
- Conduct “after action” reviews to identify lessons learned and best practices
- Foster innovation, creativity, collaboration, and professional growth of the SOC team
- Influence and improve upon existing processes through innovation and operational change
- Bachelor's degree and five (5) or more years of experience in SOC operations; or Master's degree and three (3) or more years of experience
- 3+ years of SOC or MSSP experience with at least 1 year in an in-depth technical role
- 3+ years of SIEM experience – with knowledge of content creation (rules, alerts, etc.)
- Experience with Splunk – preferably proficient with Splunk’s Search Processing Language (SPL), developing correlation rules, dashboards, and custom searches
- Experience with automated incident response tools (PSTools, Sysmon, Carbon Black, etc.)
- Experience with packet capture and analysis (tcpdump/windump, Wireshark, etc.)
- Experience with host and network forensics
- Strong understanding of security architectures and devices
- Strong understanding of threat intelligence consumption and management
- Strong understanding of root causes of malware infections and proactive mitigation
- Strong understanding of lateral movement, footholds, and data exfiltration techniques
- Ability to mentor and coach less experienced security analysts, providing techniques and strategies to dig deeper into investigations
- Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
- Strong time management and multitasking skills as well as attention to detail
- Comfortable with impromptu tasking and loosely defined requirements
- Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.)
- Bachelor’s degree or higher in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc
17
Soc Analyst Resume Examples & Samples
- Analyzes, recommends, and implements the installation of security software, locks, alarm systems, and other security measures to prevent hackers from infiltrating company information
- Monitors and analyzes attempted efforts to compromise security protocols. Identifies and investigates activities and conducts and provides analyses regarding results. Escalates issues to higher level associates
- Monitors and assists in analyzing security systems for routers, switches and firewalls to ensure proper connectivity and configuration
- Conducts tests to determine degree of stability of existing data security architecture
- Interacts with customers to understand their security needs; assists in the development and implementation of procedures to accommodate them
- Writes security status reports to provide system status, report potential and actual security violations and provide procedural recommendations
- Two or more years of experience in information systems security
- Experience working with network software and hardware
- Communication skills to interact with team members, management, and support personnel
- Analytical and problem solving skills for design, creation and testing of security systems
18
IT SOC Analyst Resume Examples & Samples
- 5-8 years in IS/IT Security. Security certifications like CISSP or CEH would be a plus
- The analyst will reduce the time to remediation for virus infection and other malware activity
- The analyst will improve the overall detection capability and the processes that support it
- The Analyst helps ensure that vulnerabilities and threats detected are remediated
- The analyst creates work instructions, with guidance for technical responders in the field, to help them respond appropriately to any particular threat detected
- He/She recommends new security controls based on threats detected and vulnerabilities discovered to better protect Company data, confidentiality and business continuity
- He/She recommends logging, monitoring and detection strategies and technologies
- Analysis of security log events and alerts
- False positive handling
- Maintain and mature the SIEM infrastructure
- Creation of Work Instructions to help guide incident response triggered by SOC detections
- Advise and contribute to technical projects
- Participate in the review and remediation of any Security Incidents
- Perform configuration and monitoring environment reviews
- Evaluation of threats and determination of level of severity
- Incident ticketing, tracking and escalation
- Investigation of events where possible
- Monitor and manage escalated issues and serve as the single technical point of contact for escalations
- Provide informal knowledge transfer
- Recommendations of improvements to monitoring and integration and workflows
- Provide proactive and reactive advice on issues regarding upgrades, patches and updates
- Develop reporting and KPI for management to show achievements and value of SOC
- Check Point Firewalls
- Cisco and TippingPoint Intrusion Prevention Systems (IPS)
- QRadar SIEM solution
- Blue Coat Proxies and Content Filters
- Microsoft DirectAccess
- Cisco Virtual Private Networking (VPN)
- Symantec Antivirus, H-IPS, Firewall
- Check Point Anti-Bot Blades
- X-Force Threat intelligence feeds
- FireEye Malware analysis
- Active Directory and Kerberos Authentication
- Windows Security Logs
- RSA authentication
19
Soc Analyst Resume Examples & Samples
- 1-3 years of related work experience
- Experience with McAfee Nitro SIEM, or CMSS-SIEM
- Experience with shell scripting, regular expressions (Windows or *nix)
- Knowledgeable in IP networks, with network infrastructure experience
- BS in Computer Science, Information Technology, or Information Assurance is desired
- Experience with Digital Forensics and Incident Response (DFIR)
- OSCP highly desired
- GCFE
- RHCSA, RHCE, or MCSE
20
Soc Analyst Resume Examples & Samples
- Continuously monitors levels of service as well as interprets and prioritizes threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
- Monitors and proactively mitigates information security risks
- Work within a 24/7 shift-scheduled security operations environment
21
Soc Analyst Resume Examples & Samples
- Perform accurate and precise real-time analysis and correlation of logs and alerts from a multitude of client devices with a focus on the determination of whether said events constitute security incidents
- Analyse and assess security incidents and escalate to client resources or appropriate internal teams for additional assistance
- Manage all customer interactions in a professional manner with emphasis on client delight
- Handle client requests and questions received via phone, e-mail, or an internal ticketing system in a timely and detail-oriented fashion in order to resolve information security related incidents
- Interact with, configure, and troubleshoot network intrusion detection devices and other security systems via proprietary and commercial consoles
- Utilise internal guidelines in order to properly handle client requests and questions
- Work as part of a growing team to disseminate information to others, which helps us continually improve
- The TCP/IP suite of network protocols
- Linux & Windows operating systems
- Exploits, vulnerabilities & network attacks
- Packet analysis tools
- Regular expressions
- Database structures and queries – SQL etc
22
Intermediate SOC Analyst Resume Examples & Samples
- Monitor, react and respond to all real or perceived security and cyber related incidents, threats and attacks on a 24 hours, 7 days per week basis
- Write and/or modify Security Information & Event Monitoring (SIEM) correlation rules
- Tune the IDS/IPS systems
- Create and/or modify IDS/IPS signatures
- Analyze and assess vulnerabilities and provide recommendations to the FIPC Manager
- Configure intrusion detection systems, firewalls and content checkers
- Extract and analyze reports and logs
- Configure and/or update virus scanners
- Provide support to clients on a 24/7 basis
- Create tickets, monitor the ticketing systems and respond to Incident Requests (IRs)
- Write scripts to automate tasks
- Work with other Government of Canada resources in the performance of the work
- Maintain and recommend enhancements to the security posture
- Make technical and procedural recommendations and enhancements in coordination with the other members of the FIPC
23
Tier, SOC Analyst Resume Examples & Samples
- Experience with packet capture and network traffic analysis
- Experience performing incident response
- Experience with industry standard information security tools such as Wireshark, Kali, Netcat, tcpdump and Nmap
- Experience reviewing and analyzing log data (firewall, network flows, IDS, system logs)
24
Soc Analyst Resume Examples & Samples
- 2+ years of security experience within a SOC or CIRT environment
- 2+ years of event logging and malware analysis
- 2+ years of experience with McAfee ePO, QRadar and/or Tanium
- Proactively identify information security threats using SIEM technology and other security tools
- Participate in minor incident response activities while working with outsourced providers
- Assist in coordinating remediation efforts of security vulnerabilities across support towers
- Participate in SIEM tuning efforts with the Managed Services Provider
- Identify and document process improvements through creation of knowledge base articles
25
Soc Analyst Resume Examples & Samples
- Ability to multitask, prioritize, and balance multiple priorities
- Effective in team setting or as individual contributor
- Understands and follows methodologies, standards and procedures and engage resources if needed to get the job done
26
Soc Analyst Resume Examples & Samples
- Actively seeks to uncover indicators of compromise for which monitoring capabilities do not yet exist
- Collects and aggregates information from a wide variety of sources and formats it for relevance to our environment
- Creates hypotheses for analytics and testing of threat data
- Shares lessons learned, initial indicators of detection, and opportunities for strengthening signature based detection capabilities
- Maintains and enhances the documentation standard for discoveries and reporting of malicious tactics, techniques, and procedures
- Analyzes data from threat and vulnerability feeds for applicability to the organization
- Performs compensating controls analysis and validates efficacy of existing controls
- Recommends security controls and/or corrective actions for mitigating technical and business risk
- Ensures compliance with all applicable configuration standards
- KNOWLEDGE: Having broad expertise or unique knowledge, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Some barriers to entry exist at this level (i.e., dept/peer review)
- JOB COMPLEXITY: Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Internal and external contacts often pertain to company plans and objectives
- SUPERVISION: Determines methods and procedures on new assignments, and may provide guidance to other personnel
- EXPERIENCE: Typically requires a minimum of 8 years of related experience. In some companies, the requirement will be less. At this level, graduate coursework may be desirable
27
Soc Analyst Resume Examples & Samples
- Proven experience with multiple security event detection platforms
- Working in a Security Monitoring/Security Operations Center environment (SOC)
- Understanding of electronic investigation and log correlation
- Proficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (including AD)
28
Senior SOC Analyst Resume Examples & Samples
- Capable of working independently while supporting CDRC Analyst I as necessary
- Provide documentation and project support
- Act as second and/or third-tier support for the CDRC Analyst I
- Act as a peer group leader to help train support staff
- Serve as shift lead when necessary
- Serve as a back-up to the CDRC Manager
- Thorough understanding of TCP/IP
- Minimum of 2-3 years of experience in one or more of the following
- Experience investigating security events, threats and/or vulnerabilities
- Scripting or programming (shell scripting, PowerShell, C, C#, Java, etc.)
29
SOC Analyst Resume Examples & Samples
- Monitor and analyze network traffic and security event data
- Investigate intrusion attempts and perform in-depth analysis of exploits
- Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
- Conduct proactive threat and compromise research and analysis
- Review security events that are populated in a Security Information and Event Management (SIEM) system
- Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident
- Conduct digital forensics and malware analysis triage
- Independently follow procedures to contain, analyze, and eradicate malicious activity
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Create a final incident report detailing the events of the incident
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information to US government agencies
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Responsible for assisting with and resolving user logon or other access related issues being reported and escalated
- Foster and maintain good relationships with colleagues to meet expected customer service levels
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards and technologies
30
SOC Analyst Resume Examples & Samples
- The responsibilities of the SOC Analyst include, but are not limited to
- Monitor and respond to security incidents
- Investigate intrusion attempts and collaborate for triage
- Provide support and administration of security instrumentation
- Document compromise research and analysis
- Review security events that are populated in a Security Information and Event Management (SIEM) system
- Independently follow procedures to contain, analyze, and coordinate mitigation of malicious activity
- Document all activities during an incident and provide support with status updates during the life cycle of the incident
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Foster and maintain good relationships with colleagues to meet expected customer service levels
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards and technologies
- Minimum two years of experience in a SOC, NOC, or other security or technical support role required
- Minimum two years of experience working with security and/or network related tools such as IPS/IDS, SIEMs and other monitoring and incident response type tools required
- Minimum two years of experience working with Windows and Linux servers in an enterprise environment required
- Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a team setting
- Security related certifications (such as SANS GIAC, GSEC, CISSP, CISM, CEH, etc.) are a plus
- Familiarity with network security methodologies, tactics, techniques and procedures
- Experience reviewing and analyzing network packet captures is a plus
- Possess a comprehensive understanding of the TCP/IP protocol, security architecture, and remote access security techniques/products
- Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns is a plus
- Experience monitoring, detecting, and contributing to response efforts of advanced persistent threats is a plus
- Knowledge of digital forensic and static malware analysis techniques is a plus
- Working knowledge of network architecture is a plus
- Strong research background, utilizing an analytical approach is a plus
- Must be able to react quickly, decisively, and deliberately in high stress situations
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
31
Soc Analyst Resume Examples & Samples
- Technical analysis of network activity, monitors and evaluates network flow
- Analyze network flow data for anomalies and detect malicious network activity
- Accumulate IOCs from intel sources and configure scans across endpoints
- Document, communicate, collaborate and transition incident details to other SOC members
- Operational knowledge of Splunk
- Experience with writing queries, parsing and correlating data
- Technical understanding of Palo Alto UTM, firewall, IDS and WildFire feature data, signature-based IDS events and full packet capture (PCAP) data
- Strong understanding of parsing and analyzing web, system and security logs
- Must have Linux/Unix skills and security-specific scripting skills
- Demonstrated ability to determine and oversee remediation activities
- Understanding of VPN infrastructure, 2FA, RSA SecurID
- Understand a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS
- Operational knowledge of the QRadar SIEM console
- Knowledge of Tripwire, FireEye, Sourcefire, Forescout, AV, proxies, Symantec DLP is a huge plus
- Familiar with YARA, STIX, TAXII, OpenIOC
- DLP is a huge plus
32
V-soc Analyst Resume Examples & Samples
- This position could be a salary grade 1 or 2 depending on combined level of education and work experience
- This is a remote position, however you must be willing to work nights/weekends
- 0 years of experience required for salary grade 1
- 2+ years of experience required for salary grade 2
- Can demonstrate critical thinking and problem solving skills
- Possess good time management and written and oral communications skills
33
SOC Analyst Warsaw Resume Examples & Samples
- Provide F5 customers with outstanding & rapid reaction to real-time alerts
- Document actions taken in Security Information and Event Management systems, knowledge base, or ticketing systems as required
- Earn trusted advisor status internally and externally
- Provision new customers or update the provisioning for existing customers
- Interface with and support cross-functional teams
- Ensures documented processes and procedures are kept up to date
- Responsible for upholding F5's Business Code of Ethics and for promptly reporting violations of the Code or other company policies
- Comply with F5's information security policies and protect information assets from unauthorised access, disclosure, modification, destruction or interference
- Responsible for promptly reporting security events or potential events or other security risks to F5
- Knowledge and proven experience in DDoS Mitigation with the ability to gather, interpret and explain log files from a variety of sources
- Demonstrated experience in a technical support role, experience working with Customer Support and Service Management portals, including provisioning, reporting, and configuration
- High degree of understanding of HTTP, XML and AJAX
- Experience in working in an enterprise environment (understanding how web application environments are built)
- White/black list management
- Experience supporting corporate customers in production environments
- Must be able to relay technical information to customers with different levels of technical competence
- Proficiency in Windows OS and Microsoft Office
- Zendesk CRM or similar ticketing system experience preferred
- Ability to work in a fast-paced environment and meet stretch goals
- Ability to work independently in a results-oriented environment
- Strong troubleshooting/problem-solving ability; ability to create efficient solutions to complex problems
- Excellent verbal and written communication skills. Must be able to read, write and speak English fluently, including technical concepts and terminology. Fluency in additional languages is desirable
- Must be able to relay technical information with customers with varying skill levels
- Experience with F5 hardware, software, and utilities like iRules, iApps, and iControl a plus
- Experience in the Security Field
- Ability to excel in a fast paced, challenging, technical operations environment with extended business hours
- Prior experience in Information Security
- Computer Science and/or graduate degree preferred, or equivalent experience
- Ability to work shifts
34
Soc Analyst Resume Examples & Samples
- Provides F5 customers with outstanding & rapid reaction to real-time alerts regarding phishing, malware and other security attacks
- Provides F5 customers and partners with a consistently outstanding support experience
- Provides technical support to remotely troubleshoot and resolve issues on F5 software products
- Perform initial JavaScript investigations
- Effectively communicates with hosting and registrar companies worldwide by e-mail and phone
- Proactively acts to shut down phishing websites and DropZones
- Manages a vast number of incidents in short time and in real time
- Generates “after incidents” reports to F5 customers
- Handles the SOC databases
- Handles initial investigation of DDoS, Malware related alerts (JavaScripts, *.php etc.)
- Investigates new worldwide DDoS, Malware and provides F5 clients with relevant information
- Creates signatures for new malware attacking F5 clients
- Works closely with the company marketing team for publishing threat research reports
- Cooperates with threat research team
- Demonstrated experience in a technical support role, working with relevant technologies
- Hands-on technical experience with and very knowledgeable of security operations, reading and understanding scripts, basic knowledge of different languages: JS, PHP, HTML, HTML5
- Thorough knowledge of software such as Wireshark, VMware, Burp Suite
- Ability to work with moderate supervision
- Analytical thinker with strong attention to detail
- Must be able to read, write and speak English fluently, including technical concepts and terminology. Fluency in additional languages is desirable
- Must be able to relay technical information to customers with varying skill levels
- Proficiency in Windows OS
- Siebel SCM or similar ticketing system experience preferred
- 2-3 years experience in the security field
- Prior SOC or NOC experience
- Strong background in customer service and incident management
- Ability to excel in a fast paced, challenging operations environment with 24/7 shifts
- Investigation of customer defects and online fraud in real-time
- Computer Science and/or graduate degree preferred or equivalent experience
- Must be able to communicate fluently in English (written and oral). Multi-lingual a plus
- Comply with F5’s information security policies and protect information assets from unauthorized access, disclosure, modification, destruction or interference
- Responsible for promptly reporting security events or potential events or other security risks to F5
- Performs other related duties and projects as assigned
35
Soc Analyst Resume Examples & Samples
- Handles initial investigation of WAF related alerts (JavaScripts, *.php etc.)
- Investigates new worldwide WAF and provides F5 clients with relevant information
- Creates signatures for new WAF attacking F5 clients
36
Soc Analyst Resume Examples & Samples
- Actively seeks to uncover indicators of compromise for which monitoring capabilities do not yet exist by reading and interpreting logs and packet traces
- Intermediate to advanced understanding of network protocols and operating systems is required
- Creates hypotheses for analytics and testing of threat data and tests methodically to prove or disprove the hypothesis
- Shares lessons learned, initial indicators of detection, and opportunities for strengthening detection capabilities
- Performs analysis of compensating controls and validates efficacy of existing controls
- 7+ years of combined IT Security experience with a focus on Cyber Hunting & Threat Intelligence
- Security Certifications Preferred (ISSEP, GCIA, GCIH, & GPEN)
- Network and Platform Certifications Preferred
- Understanding of network protocols and their analysis
- Experienced with Windows & Linux operating systems
- Experienced with event analysis leveraging SIEM tools
- Knowledge of malware operators and indicators
- Knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Knowledge of Firewall and Proxy technology
- Knowledge of penetration techniques
37
Is Soc Analyst Resume Examples & Samples
- Minimum of 2 years' experience in a batch production support role, network environment troubleshooting, or system administration (server/client)
- Experience with one or more UWCC and CA7/CA11 batch scheduling tools
- Working knowledge of FTP, TSO, Infopac, CICS, JCL and OPS/MVS related products
- Strong analytical and customer service skills & detail oriented
- Self-starter, quick learner, initiative, and proactive
38
Soc Analyst Resume Examples & Samples
- Categorise events, incidents and vulnerabilities based on relevance, exposure and impact
- Ensure case management
- Activate initial response plan based on standard playbook entries
- Provide support to incident responders
- Advise affected users on appropriate course of action
- Escalate unresolved problems to higher levels of support, including the incident response and vulnerability mitigation teams
- Configure the SIEM components for optimal performance (tuning of thresholds …)
- Review and improve the monitoring policy on a regular basis; integrate IOCs in security solutions
- Define dashboards and reports for reporting on KPIs
- Produce qualified reports (including recommendations) or alerts to SOC customers and follow-up on actions
- Contribute to the design of the overall monitoring architecture, in close relationship with the customers/system owners, on the one hand, and the security operations engineering team, on the other hand
- Educated to a Master’s Degree in Information Technology or equivalent and a minimum of 5 years of professional experience
- A minimum of 4 years' experience as SOC Analyst and/or first line incident responder
- You should hold at least one valid certification among the following ones: GCIH, GCIA, ECIH, CSIH, SCPO or an equivalent one recognised internationally
- Fluent in English and negotiation level in French
39
Soc Analyst Resume Examples & Samples
- Partners Senior SOC Specialist in undertaking of system and security monitoring of supported commercial and government customer security deployments
- SIEM (Security Information and Event Management): management, maintenance, support, monitoring, security event investigation and reporting (working knowledge of NetIQ Sentinel or McAfee Nitro products is an advantage)
- Network IDS/IPS: management, maintenance, support, monitoring, security event investigation and reporting (working knowledge of McAfee, Sourcefire or IBM ISS IDS/IPS solutions is an advantage)
- WAF (Web Application Firewalls): management, maintenance, monitoring, security event investigation and reporting (working knowledge of Imperva or F5 WAF products is an advantage)
- Investigation of identified security incidents, working together with Senior SOC Specialist and relevant referral teams where required
- Investigation of identified system issues for supported security solutions
- Working with vendor TAC in provision of relevant information / logs, working together with Senior SOC Specialist where appropriate
- Review and update of SOC support documentation / work instructions
- Production of regular SOC security reporting
- Planning (including change control management / representation at CAB – ITIL Foundation an advantage) and deployment of standard SOC pro-active maintenance / minor update changes following published work instructions, working with Senior SOC Specialist where appropriate
- Requirement for flexibility in working hours, mixing standard core office hours during Monday - Friday with occasional requirements for late night working, weekend work and ad hoc shift coverage – an adaptable approach to work requirements is fundamental for the role
- In possession or ability to gain SC clearance along with Office for Nuclear Regulation clearance
- Ability to work well in a Team
- Methodical and disciplined work approach
- Skills and competencies (one or more)
- Strong knowledge and demonstrable experience of information security technologies and methods
- Security event log collection and analysis
- Experience in systems (Linux/Unix) and networking
- Experience of vulnerability and threat assessment
- Experience of Intrusion detection and prevention systems
- Experience of Web-based application security
- Ability to develop custom code (Perl / shell scripting etc.)
- Experience of working in a Security Operations Centre environment or similar
- Certified to one or more of the following or equivalent: CISSP / CEH / SSCP / GIAC
- GCFA, GIAC Certified Forensic Analyst
- GREM, GIAC Reverse Engineering Malware
- GCFE, GIAC Certified Forensic Examiner
- OSCP, Offensive Security Certified Professional
- Knowledge / prior experience of incident, change and problem management framework (ITIL Foundation certification useful)
40
Soc Analyst Resume Examples & Samples
- Monitor security events in the SIEM and other general office tools
- Triage incoming security events, perform analysis, and escalate to supervisors and customers if events warrant additional response action
- Monitor security appliance health and perform basic troubleshooting of security devices; notify security engineering as necessary for malfunctioning equipment
- Provide 24x7 Operational support on a shift schedule (including overnight shifts and weekends)
- General network background including familiarity with OSI and TCP/IP models, ports and protocols, and Internet communications technologies (HTTP, DNS, SMTP, etc.)
- Familiarity with various malware packages and how they communicate
- 1+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability testing, system patching, log analysis, intrusion detection, or firewall administration
- Host-based antivirus applications (McAfee VSE with ePO integration)
- Operating Systems: Strong understanding of Windows and Unix/Linux
41
Senior SOC Analyst Resume Examples & Samples
- Knowledge of network security zones, firewall, IDS
- Knowledge of log formats for syslog, http logs, DB logs and how to gather forensics for traceability back to event
- Knowledge of packet capture and analysis
- Experience working with SIEM solutions such as ArcSight, QRadar, McAfee
- Experience with log management or security information management tools
- Experience with Security Assessment tools/frameworks (NMAP, Nessus, Metasploit, Netcat)
- Ability to make information security risk determinations
- Intrusion Detection In Depth – SEC503 (GCIA certification) or equivalent
- GIAC Continuous Monitoring (optional GMON certification)
42
SOC Analyst Level Resume Examples & Samples
- Ability to use one or more development languages (Python, Java, JavaScript, Ruby, Go, etc.)
- Experience in building clients that leverage various API endpoints (REST, SOAP, etc.)
- Experience in version control (preferably git)
- Moderate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Moderate knowledge of security related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
- Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
- Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
43
Soc Analyst Resume Examples & Samples
- Take proactive and reactive steps to mitigate Layer 4-7 security attacks or threats against F5 clients
- Analyze large volume network traffic for attack detection
- Engage directly with F5 clients who are under attack via phone, chat, email and/or ticketing systems
- Provide real-time guidance to customers on network configuration, security settings and policies, and attack mitigation procedures
- Document actions taken in incident management systems, knowledge base, or ticketing systems as required
- Be a trusted security adviser internally and externally
- Assist customers with onboarding and provisioning
- Appropriately manage time and customer issues based on issue severity and business needs
- Collaborate with Product Management and Development on requirements and product release activities
- Identify, define and implement process and procedure improvements
- 1+ years’ experience in the Information security field
- Ability to excel in a fast paced, challenging, security operations environment
- Undaunted by unknown technologies / quickly capable of coming up to speed on new technologies
- Must be able to communicate technical and operational details fluently in English (written and oral)
- Strong troubleshooting/problem-solving ability
- Experience with global routing/networking technologies (GRE, BGP, ASN routing)
- Experience working with Customer Support and Service Management portals, including provisioning, reporting, and configuration
- Fundamental Linux skills
- Ability to perform log file analysis
- Ability to develop creative, efficient solutions to complex problems
- Expert technical knowledge of and experience troubleshooting TCP/IP networks
- Detailed protocol analysis using tools such as tcpdump, tshark, and Wireshark
- Experience using tools such as Fiddler, HttpWatch, Burp Suite, socat, and netcat
- Packet manipulation and crafting using tools such as hping, scapy, and iptables
- Traffic generation and replay using tools such as apachebench and tcpreplay
- Background in security incident response
- Experience in network design and configuration
- Information Security/Computer Science degree or equivalent experience
- Familiarity with a programming or scripting language
- Experience on common enterprise network and routing technologies
- Experience with F5 hardware, software, and utilities like iRules, iApps, and iControl
44
Soc Analyst Resume Examples & Samples
- 3-5 years of experience in Information Security, preferably as a SOC analyst or security analyst in a related position
- Hands-on experience with common security technologies (Splunk, SIEM, IDS, Firewall, WAF, DLP etc.)
- Create, tune, and compile metrics of all security devices and documentation of processes and procedures
- Monitor and report on trends and activity on network sensor platforms
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Perform incident correlation & escalation
- Knowledge of common security threats, attack vectors, vulnerabilities and exploits
- Knowledge of common networking services and protocols
45
Soc Analyst Resume Examples & Samples
- Knowledge, skill, and mental development equivalent to completion of two years of college, preferably with course work in information security, cybersecurity, computer science, management information systems or a related field, or equivalent work experience in cybersecurity or networking
- Prior experience equivalent to three years of progressively responsible technical experience in a business or public organization, preferably in networking systems, information security or in a complex IT environment
- Knowledge of information security industry best practices
- Knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
- Knowledge of common network tools (e.g., ping, traceroute, nslookup)
- Knowledge of defense-in-depth principles and network security architecture
- Knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip)
- Knowledge of basic system administration, network, and operating system hardening techniques
- Skill in discerning the protection needs (i.e., security controls) of information systems and networks
- Skill in communicating with all levels of management including Board members (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience)
- Ability to characterize and analyze network traffic to identify anomalous activity and potential threats to network resources
- Ability to coordinate with enterprise-wide computer network defense (CND) staff to validate network alerts
- Ability to provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
- Ability to use computer network defense (CND) tools for continual monitoring and analysis of system activity to identify malicious activity
- Ability to take direction from supervisors and/or lead workers. Requires good oral and written communication skills to present technical information to non-technical decision makers with clarity and precision
- Ability to analyze observations and clearly communicate observations to others
- Ability to utilize agency supplied materials/equipment (e.g., cell phone, laptop, etc.)
46
Junior SOC Analyst Resume Examples & Samples
- General SIEM monitoring, analysis, content development, and maintenance
- Research, analysis, and response for alerts; including log retrieval and documentation
- Conduct analysis of network traffic and host activity across a wide array of technologies and platforms
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Process abuse inbox emails (spam, phishing, etc.)
- Process tickets assigned to the SOC/CSIRT group
- Maintain strong standards, and promote productivity, accountability and high morale
- Ensure the SOC analyst team is providing excellent customer service and support
- 1-3 years of SOC or MSSP experience
- 1+ years of SIEM experience
- Working knowledge of security architectures and devices
- Working knowledge of threat intelligence consumption and management
- Working knowledge of root causes of malware infections and proactive mitigation
- Working knowledge of lateral movement, footholds, and data exfiltration techniques
- Track record of creative problem solving, and the desire to create and build new processes
- Experience working in fast paced environments, and ability to manage workload even during times of stress or escalated activity
- Experience with Splunk
- Experience with active threat hunting and adversary tracking
- Experience with one or more scripting languages (e.g., Python, JavaScript, Perl)
- Bachelor’s degree and 2+ years or higher degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc
- Experience as a government contractor
47
Intern, SOC Analyst Resume Examples & Samples
- Participate in the incident response lifecycle and gain familiarity with relevant methodologies, including: detection, analysis, remediation, and deployment of countermeasures
- Learn how to use common enterprise security tools and techniques during a computer security investigation
- Participate in SOC mentoring and skill sharing programs
- Participate in analysis of and response to computer network intrusions, web application and server attacks, and insider threats, as appropriate
- Participate in business process documentation, metric reporting, and process automation
- Participate in threat intelligence research and process documentation
- Participate in Sony intern events
- Complete other tasks as assigned by the SOC Director
- Working towards an undergraduate degree in Computer Science, Cyber Security, Information Technology or related subject matter
- Detail-oriented, with the ability to multitask and quickly apply new concepts to accomplish assignments
- Experience with Confluence or SharePoint a plus
- Previous experience through work or internship preferred
- Familiarity with at least one programming language preferred
- Fluency in another language (particularly Japanese) a plus
- Available at least 20 hours per week
- Eligible to work in the USA
48
Soc Analyst Resume Examples & Samples
- Performs detailed examination and analysis of Phishing sites and other fraud types (Vishing, 419 Scams, Pharming)
- Performs analysis of malware binaries and communication points
- Gathers and reports data, working to meet or exceed client’s Service Level Agreement (SLA)
- Communicates with clients and internal departments to support findings
- Communicates with ISPs and Registrars globally to mitigate fraud attacks
49
Soc Analyst Resume Examples & Samples
- Information Security experience required. (Prior SOC experience preferred)
- Experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity
- CSIS, CEH, CSTA, CSTP, GCFE, CISSP, GCIH, GCIA, GPEN preferred
- Excellent written and verbal communication skills required. Must be able to communicate technical details clearly
- McAfee Nitro, Splunk, McAfee ePO or other like technology experience
- Well known protocols and services (FTP, HTTP, SSH, SMB, DAP)
50
Soc Analyst Resume Examples & Samples
- Diploma/Degree in Computer Science / IT Security from a recognized education institution
- Professional security related qualification (e.g. GCIA, GCIH, CISSP, etc.) will be favorable although not mandatory
- Min 2 years of relevant experience in a similar capacity; candidates without relevant experience are also welcome to apply. Training will be provided for selected candidates without relevant experience
- Good knowledge of networking technology and network security (e.g. firewall, IDS, IPS, VPN, APT and TCP/IP protocols)
- Familiar with SOC processes
- Hands-on experience in Unix/Linux and Windows administration
- Hands-on experience with Security Information and Event Management (SIEM) systems, e.g. HP ArcSight / Splunk / RSA
- Basic malware analysis capability will be an advantage
- Working experience with RSA SIEM will be an advantage
- Analytical problem-solving and troubleshooting skills
- Effective time management and organizational skills
- Good operational knowledge of SIEM, Breach Detection Systems and Network Forensic Systems
51
Senior SOC Analyst Resume Examples & Samples
- Creates new ways to solve existing production security issues
- Investigates intrusion incidents, conducts forensic investigations and mounts incident responses
- Evaluates new technologies and processes that enhance security capabilities
- Establishes plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction
- Delivers technical reports on daily activities
- Analyzes and advises on new security technologies and program conformance
- Maintains knowledge of current and emerging technologies and advancements within Information Security
- Takes initiative and responsibility for achieving desired results
- Monitor, investigate, and respond to risks to customers and the corporate environment
- Interpret information provided by tools to form a sound hypothesis regarding the root cause of an event
- Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
- Create and maintain documentation, processes, procedures, and reports
- Contribute to the continuous improvement and growth of the SOC and Information Security
- Continue to develop technical skills to expand one’s knowledge and understanding of key Information Security controls
52
Senior SOC Analyst Resume Examples & Samples
- To provide lead security analysis and support throughout the organisation, ensuring security and governance requirements are met, and be proactive in the identification and remediation of security incidents
- To ensure incidents are logged and reported to the business and 3rd parties as appropriate
- To act as a coordinator of activity in a shift operation
- To support teams on operational security issues, ensuring risks are identified and treated
- Proactively develop the team’s capabilities, including attack detection, vulnerability management, process development and improvement, and mentoring the SOC Analysts
- Provide technical expertise in establishing the extent of an attack and its business impact, advising on how best to contain the incident, and advising on systems hardening and mitigation measures to prevent a recurrence
- Work closely with other Global Security team members and business units to identify or mitigate threats
- Run test scenarios to build knowledge and ensure completeness for procedures / work instructions
- Develop and manage reports to demonstrate the effectiveness and value of the team's work
- Key team member in Disaster Recovery testing and management
- Key team member in Audit and Compliance activities
- Participate in Knowledge Sharing groups
53
Soc Analyst Resume Examples & Samples
- Receive, document, and report cyber security events
- Categorize incidents and implement corresponding escalation procedures
- Communicate and coordinate incident response efforts
- Conduct daily operational update meetings for SOC staff and unscheduled situational update briefings for government leaders
- Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs)
- Provide telephone, e-mail and ticket service to customers
- Reference applicable departmental and operating administration policies in work products
- Access, secure and inspect local classified information processing areas
- Candidates must be eligible to obtain and maintain an Active DOD Secret Clearance
- All employees must have one Security Certificate prior to joining, preferably a CompTIA Sec+, CASP or CEH
- Bachelor's degree in Computer Science or Information systems
- Minimum four (4) years of relevant professional experience
- Experience with intrusion detection systems and threat techniques (lateral movement, rootkits and toolkits)
- Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC)
- Experience with business process reengineering, capability maturity model, change management, or process improvement
- Exceptional writing and documentation skills
- The Incident Handler will maintain a twenty-four (24) hours a day, seven (7) days a week, three hundred sixty-five (365) days per year incident handling capability, and must be a proven team player with excellent oral and written communication skills
- The Incident Handler must be capable of working on projects independently; frequent interaction with the government client is required
- Candidate should have previous experience working in a network security incident response team, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC)
54
SOC Analyst Resume Examples & Samples
- Good infrastructure and technology experience including demonstrable understanding of security operations
- Good communication skills both written and verbal
- Ability to prioritise workloads and to know when to seek guidance
- Experience working with 1st line ticketing/triage
- Experience using Security Incident and Event Management (SIEM) toolsets
- Specific experience in Splunk / big data forensic technologies
- Proven technical ability in Unix/Linux/etc
- Proven technical ability in Microsoft Windows/Active Directory
- Proven technical ability in networking systems
- Experience with Amazon cloud hosting platforms
- Experience with VMware virtualisation
- Experience of system forensics
- Computer programming / scripting skills
- Experience of malware analysis
55
Soc Analyst Resume Examples & Samples
- Monitor intrusion detection and prevention systems and other security event data sources on the appointed shift. Determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures
- Correlate data from intrusion detection and prevention systems with data from other sources such as firewall, web server, and Syslogs
- Tune and filter events, and create custom views and content using all available tools, following an approved methodology and with the approval or concurrence of government management
- Provide support for the Government CSIRT Hotline and appropriately document each call in an existing tracking database for this purpose
- Coordinate with the O&M or help desk teams to ensure production CSIRT systems are operational
- Use previous experience to enhance procedures for handling detected security events
- Create custom content and develop new use cases to better correlate security event information
- Develop and utilize "Case Management" processes for incident and resolution tracking. These processes should also be used for historic recording of all anomalous or suspicious activity. Processes are currently in place using an internal reporting tool
- Identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by CSIRT Management
- Monitor, document and respond to centrally collected virus data and indicators
- Industry certifications: GCIH, GREM or other related SANS certifications
- Penetration testing and/or forensics experience
- Splunk experience is a plus
56
Soc Analyst Resume Examples & Samples
- Monitor intrusion detection and prevention systems and other security event data sources on the appointed shift. Determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures
- Tune and filter events, creating custom views and content using all available tools, following an approved methodology and with the approval or concurrence of government management
- Use your previous experience to enhance procedures for handling detected security events
57
Soc Analyst Resume Examples & Samples
- Be a trusted security advisor internally and externally
- Investigate new attacks and vulnerabilities
- 2+ years’ experience in the Information security field
- High degree of understanding of HTTP
- Knowledge of Layer 7 DDoS attack mitigation
- Ability to define, configure, and manage (in real-time and on production networks) security policies protecting against bots, SQL injection, cross-site scripting, RFC compliance, signature protection, web scraping, CSRF, brute force, cookie manipulation, parameter tampering and other Layer 4-7 attacks/vulnerabilities
- F5 ASM specialist certification
- Fluency in additional languages is desirable
- Experience in managing web application security
- Experience working in an enterprise web application environment
- Responsible for upholding F5's Business Code of Ethics and for promptly reporting violations of the Code or other company policies
58
Soc Analyst Resume Examples & Samples
- Passion for all things Information Technology and Information Security
- Natural curiosity and ability to learn new skills quickly
- Strong analytical, documentation, and communication skills
- Experience with trouble ticketing and change management tools
- Must be able to computer
- SANS Certifications, ideally GCIH, GCFE, GREM, GCFA
- Knowledge of Regular Expressions
- Experience with SIEM (Security Information Event Management) tools such as ArcSight or Splunk
59
Soc Analyst Resume Examples & Samples
- Documents remediation required based on input during incident handling or vulnerability identification
- Opens and tracks tickets for remediation of issues found during an incident or vulnerability identification, as required to facilitate a closed-loop process
- Manages whitelists and blacklists in the SIEM and disseminates them to the appropriate operators for tool policy or setting updates in security tools
- Issues documentation and proactively contacts system asset owners when an incident is resolved to ensure that remediation steps are understood and the remediation timeline is committed in the ticket
- Understands and exceeds all SLA commitments
- Reviews daily and weekly metrics for security and vulnerability incidents
- Escalates issues to Tier III or the Manager when necessary
- Submits knowledge base articles
60
Soc Analyst Resume Examples & Samples
- Experience with security monitoring using Wireshark and Splunk; 100% of their time will be spent utilizing this SIEM tool to scan and monitor the networks
- Experience with incident handling and escalating incidents; they must follow SOC guidelines, remedy incidents and coordinate an escalation plan if need be
- Experience in a 24x7 NOC or SOC or NOSC performing real-time log analysis to provide network and data security (100% of their time will be spent in a SOC)
61
Soc Analyst Resume Examples & Samples
- Bachelor's degree in Computer Science or related field and 7+ years’ experience, or equivalent combination of education and experience
- Experience in network, host, data and/or application security in a Windows/Unix/Linux operating environment
- Advanced understanding of Splunk and Enterprise Security to include experience administering these systems, assessing new technologies and integrating those datasets into Splunk, and building queries, dashboards, and monitoring protocols within Splunk
- Understanding of Windows/Linux operating systems and command line tools
- A solid foundation in networking, with a deep understanding of TCP/IP and other core protocols
- Experience with network security tools (e.g. Nessus, Wireshark, Snort)
- Experience with host-based security tools (e.g. Firewalls, IDS/IPS, Proxies)
- Experience reviewing raw log files, and data correlation (i.e. firewall, Netflow, IDS, syslogs)
- Demonstrable knowledge of attack vectors, threat tactics, attacker techniques, and the Cyber Kill Chain
- Knowledge of network-based services and client/server applications
- Experience with programming/scripting languages (e.g. Python/Perl)
- Background in information security operations e.g. incident response and monitoring services
- Experience with enterprise information security data management tools/SIEM such as ArcSight or Splunk
- Experience with improving signature quality and detection through results analysis and team collaboration
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and authentication technologies
- Experience working with internet, web, application and network security techniques
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Experience working with federal regulations related to information security (FISMA, Computer Security Act, etc.)
- Experience working with NIST Special Publications and C&A process methodology
- Possess one or more security related certifications, preferably GCIH or equivalent, CEH, etc
- Good analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
- Ability to perform and interpret vulnerability assessments
- Ability to administer the operations of a security infrastructure
- Ability to balance and prioritize work
62
Soc Analyst Resume Examples & Samples
- Support a Mission Critical production environment, protecting critical infrastructure and F5 clients from the latest information security threats
- Document actions taken in security information and event management systems (SIEM), knowledge base, or ticketing systems as required
- Provision new clients or update the provisioning & configuration of existing clients
- Provide real-time guidance to clients on network configuration, security settings and policies, and attack mitigation procedures
- Collaborate with Product Management on requirements and product release activities
- Responsible for promptly reporting security events, potential events, or other security risks to F5
- Prior Experience working within a SOC (Security Operations Center) or a NOC (Network Operations Center) desired
- Knowledge and proven experience in managing DDoS issues or WAF
- Experience working with Customer Support and Service Management portals, including provisioning, reporting and configuration
- Working knowledge of UNIX/Linux operating systems and commands
- Ability to define, configure, and manage (in real-time and on production networks) security policies protecting against bots, SQL injection, cross-site scripting, RFC compliance, signature protection, web scraping, brute force, cookie manipulation, and other Layer 4-7 attacks/vulnerabilities
- Must be able to relay technical information to clients with different levels of technical competence
- Ability to work in a fast paced environment and meet stretch goals with moderate supervision
- Troubleshooting/problem-solving ability
- Experience working in a customer facing environment
- Experience with Cisco routers/switches/load balancers/firewalls, Juniper routers
- CCNA, CCNP, JNCIS/P, OSCP certification
- Demonstrated experience in the security field
- Excellent verbal and written communication skills. Must be able to read, write and speak English fluently, including technical concepts and terminology
- Investigation of client issues, vulnerabilities, and online fraud in real-time
63
AWS SOC Analyst Resume Examples & Samples
- 1-2 years’ previous experience working within an operations center
- 1-2 years’ previous security experience
- 1-2 years' previous experience using MS Office Suite to include Word, PowerPoint, Excel, etc
- 1-2 years' experience demonstrating high-level customer service skills
- 1-2 years' experience demonstrating multitasking skills including the ability to answer multiple phone lines, prioritization of e-mail, instant message, and ticket related communication
- 1-2 years' experience working in fast-paced environments, and the ability to manage workload even during times of stress or escalated activity
- 1 year's experience demonstrating excellent communication skills, including a mastery of the English language both written and spoken
- 1-2 years' experience demonstrating a professional demeanor and ability to communicate with business leaders
- Ability to work any shift within the 24/7 operation, including holidays and weekends and sit for prolonged periods without getting distracted
- US citizenship is required
- 2-3 years’ previous experience working within an operations center
- 2-3 years’ previous security experience
- 2-3 years' previous experience using MS Office Suite to include Word, PowerPoint, Excel, etc
- 2-3 years' experience demonstrating high-level customer service skills
- 2-3 years' experience demonstrating multitasking skills including the ability to answer multiple phone lines, prioritization of e-mail, instant message, and ticket related communication
- 2-3 years' experience working in fast-paced environments, and the ability to manage workload even during times of stress or escalated activity
- 2-3 years' experience demonstrating excellent communications skills, including a mastery of the English language both written and spoken
- 2-3 years' experience demonstrating a professional demeanor and ability to communicate with business leaders
- 2-3 years' experience with access control systems (ex: Lenel, Multi-Max, C-Cure, Honeywell, etc.)