Tier 2 SOC Analyst

This is a remote position.

1. SIEM: The ability to conduct correlated searches and analysis utilizing a Security Incident & Event Management system.
   
2. Network: The ability to Analyze and dissect packets and validate threat signatures
   
3. Endpoint: Ability to perform basic static forensic analysis of Systems and Files
   
4. Email: Demonstrated ability to analyze email attributes such as Headers, and the ability to apply appropriate countermeasures to enhance email defense
   
5. Cloud: The ability to analyze anomalous detected traffic based on defined attack policies, ability to validate the treat and then determine remediation steps and present findings)
   
6. User & Entity Behavior Analytics: demonstrated capability to recognize and respond to various anomalous patterns of User’s and Entity’s activity to detect malicious intent.
   
7. Web Application: familiarity with various types of code-based attacks and the ability to detect and respond to them
   
8. Data Loss Prevention: Demonstrated capability to analyze DLP events and the ability to detect Data exfiltration through covert channels.
   
9. Document As-Is and To-Be playbooks for existing and future process.
   
10. Coordinate and facilitate meetings such as process reviews, requirements, and various status reports
    

• All work when On MTA premises will be desk work only performed within the Cyber Security Operation Center (CSOC) Environment.
  

Requirements

• Critical Thinker & Analytical Aptitude
  
• SIEM Experience (Splunk)
  
• Tier II SOC Incident Handling & Investigation
  
• 24/7 Security Operation Center Experience
  
• Threat Detection & Response Experience
  
• Threat Detection Technologies Experience
  

• Knowledge of Enterprise Networks & Security infrastructure, Communication and internet security systems, Firewalls, Intrusion Protection Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Database, computer systems, security event analysis and forensic investigations.
  
• Organizational, decision making, and communications skills.
  
• Knowledge of network security operations with a solid understanding of the technology and attention to detail.
  
• Creative problem-solving abilities, coupled with a desire to take on responsibility.
  
• Strong team player with the ability to engage and promote a cohesive unit.
  
• Ability to handle multiple tasks in a fast-paced environment and prioritize highly varied work in order to maintain required productivity levels.
  
• Ability to communicate technical info and ideas so others will understand.
  
• Ability to make appropriate decisions considering the relative costs and benefits of potential actions.
  
• Ability to apply collaborative skills and traits that create solutions and results to unexpected situations.
  
• Bachelor's degree in Computer Science, Cyber Security, Information Technology or related discipline OR a satisfactory equivalent with 4-6 years of Information Technology experience.
  
  

Benefits

Lynx offers a comprehensive benefits package, including health and welfare benefits, life insurance, retirement benefits, paid holidays, and remote working options.