Tier 1 SOC Analyst, Splunk ES

Yesterday

Apply Now

Receive Emails with Similar Jobs

Binary Defense

WebsiteLinkedInAll Job Openings

Managed Security • Threat Intelligence • SIEM Management • Consulting • Detection and Response

51 - 200

💰 Private Equity Round on 2022-11

Description

• Binary Defense is seeking a talented Tier 1 SOC Analyst with Splunk Enterprise Security (ES) experience. • Actively monitor and investigate security alerts to detect malicious activity at our clients during your shift in our 24x7x365 SOC. • Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts. • Follow documented procedures to properly triage and respond to identified malicious activity, such as escalation or remediation actions. • Provide our clients with clear/concise written investigations within the Binary Defense service management system. • Communicate and collaborate with Binary Defense clients through the lifecycle of all escalated security investigations. • Contribute to general security operations across all clients in the Binary Defense portfolio, whether through escalations, regular meetings, etc. • Participate in internal meetings, such as shift turn over, team meetings, etc. to collaborate with your fellow team members and perform knowledge transfer. • Perform regular training to stay sharp on the latest technologies, methodologies, etc. (Binary Defense will sponsor this training). • Stay up-to-date on the latest vulnerabilities, threats, and attacks around the world. • Be a team player and interface regularly with your shift mates and colleagues.

Requirements

• Bachelor’s Degree in Cyber Security or equivalent work experience. • Familiarity with the principals of network and endpoint security, current threats, vulnerabilities, and attack trends. • Working knowledge of security principals and frameworks such as Cyber Kill Chain, MITRE ATT&CK, etc. • One or more Cybersecurity certifications. • Excellent written and oral communication skills. • Experience with Security Information Event Management (SIEM) platforms. • Must have Splunk Enterprise Security experience. • Experience with Endpoint Protection platforms, such as: CrowdStrike, Carbon Black, SentinelOne, Cybereason, etc. • Willingness to learn and continually improve skills.

Benefits

• Competitive medical, dental and vision coverage for employees and dependents. • 401k match which vests every payroll. • Flexible and remote friendly work environment. • Training opportunities to expand your skill set.