This job is now closed
Job Description
- Req#: 1034
- Monitor and analyze security events utilizing advanced security technologies and tools such as Microsoft Sentinel, Splunk, Defender technologies, and Log Analytics.
- Utilize deep threat intelligence to identify and investigate potential security threats.
- Respond to and triage security incidents, escalating as necessary.
- Utilize proficiency in KQL/SPL Queries to conduct investigations and gain insights into potential security threats.
- Collaborate with other teams to resolve security incidents and improve overall security posture.
- Participate in incident response efforts and assist in forensic investigations, adhering to NIST guidelines.
- Continuously improve security operations through the identification of trends and anomalies.
- Communicate security incidents and findings to stakeholders and management.
- Willingness to work in a 24/7 environment.
- Experience working in government environments.
- Familiarity with incident response requirements based on NIST guidelines.
- Proficient in implementing and utilizing Microsoft Sentinel for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) concepts.
- Experience in using Azure Sentinel to detect and respond to security threats, anomalies, and to automate incident response.
- Experience with techniques utilizing the MITRE ATT&CK framework for incident investigation and threat hunting.
- Experience in conducting investigations and identifying malicious activities using techniques such as packet analysis, log analysis, and endpoint forensics.
- Experience with scripting languages such as Python, PowerShell, and JavaScript.
- Other duties as assigned
- At least 5 years of experience in a SOC Analyst role at a SOC/MXDR or MSSP, with L2 experience.
- Strong understanding of networking technologies.
- Experience with Microsoft security technologies such as Microsoft Sentinel, Splunk, and the Defender XDR stack.
- Strong understanding of security best practices and incident response procedures.
- Experience with deep threat intelligence.
- Strong proficiency with KQL & SPL Queries.
- Strong verbal and written communication skills.
- Strong analytical and problem-solving skills.
- Microsoft Security certifications such as MCSE: Security, MCSA: Windows Server 2016, Azure Security Engineer Associate are a plus.
- Azure experience, including work with Azure security, is a must.
Job Title: L2 SOC Analyst
Pay Type: SALARIED EXEMPT
Location: Remote
Summary of Position Role/Responsibilities
Quzara, a leading Cyber Security Firm, is seeking a highly skilled and experienced L2 SOC Analyst to join our Security Operations Center (SOC). This fully remote role is critical to our mission of protecting our clients from cybersecurity threats. The L2 SOC Analyst will be responsible for monitoring and analyzing security events, identifying and investigating potential security threats, and responding to security incidents. The ideal candidate will have a deep understanding of cybersecurity technologies, threat intelligence, and incident response procedures, with a strong background in using Microsoft security technologies and tools.
Essential Functions of the Job
Marginal Functions of the Job
Normal Work Schedule
This is a full-time position. Standard business hours are Monday through Friday, 8:30 AM to 5:30 PM. If your role falls within our Security Operations Center, you will be assigned a specific shift. As a result, your working schedule may require flexibility to cover any shift that falls within a 24/7 cycle; it may also change and rotate, including nights, weekends, and holidays.
Education, Training, and Experience
EEO Statement
The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.
Shift Schedule: Sun-Wed 4:00 PM to 2:00 AM Eastern Time