Senior SOC Analyst

Duration & Type: 6 months Contract with a major pharmaceutical industry client Location: Candidate can work remotely from any location in the US Description: The SOC is an advanced global team responsible for the detection and response to the most sophisticated cyber threats and attacks. The Senior SOC Analyst will leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting Company’s networks, systems, and applications. Responsibilities:

• Forensics and Incident response:
• Serve as escalation point for conducting investigations into security incidents involving advanced and sophisticated threat actors and TTPs
• Perform forensic collection and analysis of electronic assets, devices, and log sources
• Manage incident response activities including scoping, communication, reporting, and long term remediation planning
• Threat Hunting:
• Identify, collect, and analyze threat intelligence from internal and external sources and teams
• Develop hypotheses, analyze techniques, and execute hunts to identify threats across the environment
• Interface with security teams and business stakeholders to implement countermeasures and improve defenses
• Big Data analysis and reporting:
• Utilizing SIEM/Big data to identify abnormal activity and extract meaningful insights.
• Research, develop, and enhance content within SIEM and other tools
• Technologies and Automation:
• Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automations
• Research and test new technologies and platforms; develop recommendations and improvement plans
• Day to day:
• Perform host based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response
• Coordinate investigation, containment, and other response activities with business stakeholders and groups
• Provide mentoring of junior staff and serve as point of escalation for higher severity incidents
• Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement
• Recommend or develop new detection logic and tune existing sensors / security controls
• Work with security solutions owners to assess existing security solutions array ability to detect / mitigate the abovementioned TTPs
• Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against company network.

Required:

• Education: Bachelor’s degree in Computer Science or a related field Relevant Technical Security Certifications.
• Experience required: 6+ years of experience in Incident Response / Computer Forensics / SOC team / Threat Hunting or related fields
• Host and network based forensic collection and analysis
• Dynamic malware analysis, reverse engineering, and/or scripting abilities
• Proficient with Encase, Responder, X-Ways, Volatility, FTK, Axiom, Splunk, Wireshark, and other forensic tools
• Understanding of Advanced Persistent Threat (APT) and associated tactics.
• Research, enrichment, and searching of indicators of compromise
• Very strong team and interpersonal skills along with the ability to work independently and achieve individual goals.
• Coordinate with other team members to achieve the specified objectives.
• Effective oral and written communication skills.

For consideration, please send resume to [email protected] Apply tot his job Apply To this Job