Information Security Analyst II

About the Role:

We are seeking a highly motivated Security Operations Center (SOC) Security Analyst to join our dynamic cybersecurity team. In this role, you will be a critical part of our defense, responsible for continuous monitoring of security events, swift triage of potential incidents, and effective resolution of identified threats. The ideal candidate will possess a strong understanding of various attack vectors, security technologies, and incident response methodologies, with a passion for proactive threat detection and mitigation.

What You'll Do:

• Incident Monitoring & Detection:
  • Perform continuous monitoring and analysis of security alerts and logs from various security tools (SIEM, EDR, IDS/IPS, firewalls, DLP, etc.).
  • Identify, investigate, and interpret anomalous activities, security events, and potential threats across our IT environment.
  • Utilize threat intelligence feeds and frameworks (e.g., MITRE ATT&CK) to contextualize and prioritize security events.
• Incident Triage & Analysis:
  • Conduct in-depth analysis of security incidents to determine scope, root cause, and potential impact.
  • Perform initial malware analysis, network traffic analysis, and host-based forensics to gather evidence and understand attack methodology.
  • Prioritize incidents based on severity, potential impact, and organizational risk.
  • Collaborate with other security teams and IT stakeholders during incident investigations.
• Incident Response & Resolution:
  • Execute incident response procedures, including containment, eradication, recovery, and post-incident activities.
  • Implement immediate containment measures to prevent further damage or spread of threats.
  • Provide clear and concise incident reports, outlining findings, actions taken, and recommendations for improvement.
  • Assist in the development and refinement of incident response playbooks and standard operating procedures (SOPs).
  • Participate in on-call rotation for after-hours incident support as required.
• Security Tool Management & Optimization:
  • Assist in the configuration, tuning, and optimization of security monitoring tools to reduce false positives and enhance detection capabilities.
  • Provide feedback and recommendations for improving our security posture and tooling.
• Documentation & Knowledge Sharing:
  • Maintain accurate and detailed documentation of security incidents, investigations, and resolutions.
  • Contribute to the knowledge base, sharing insights and lessons learned with the SOC team.
  • Mentor junior analysts and contribute to team training initiatives.
• Proactive Threat Hunting :
  • Ability to conduct proactive threat hunting based on threat intelligence and an understanding of adversary tactics, techniques, and procedures (TTPs).