2 - 4 years of experience in Security Operation Center (SOC), Cyber Security, and Information Security within an enterprise environment
Experience with Windows and Linux, server and application hardening process
Mandatory experience in Azure, EDR, XDR, SOAR, SIEM Tools
Familiarity with compliance and regulatory requirements such as PCI, SOX, HIPAA
Requirements:
Triage security incidents identified by SOC analysts
Identify enhancement to rule sets and other tool optimization to automate reporting
Coordinate with SOC manager to escalate security issues to other business units
Collaborate with business units to prioritize vulnerability remediation
Job description
Experience:
2 - 4 years of experience in Security Operation Center (SOC), Cyber Security, and Information Security within an enterprise environment.
Experience with Windows and Linux, server and application hardening process.
Experience supporting one or more information security technologies.
Mandatory experience in Azure, EDR, XDR (Crowdstrike, Windows Defender), SOAR, SIEM Tools (e.g., Splunk, Rapid7, ArcSight, McAfee Nitro), Palo Alto, Cisco and one of the following: IDS/IPS, database activity monitoring, multi-factor authentication, web content filtering, encryption, and encryption key management, DLP, change detection.
Working knowledge of TCP/IP stack & familiarity with common protocols e.g., HTTP, FTP, SMTP, DNS.
Familiarity with network and application threats such as DoS/DDoS, SQL injection, XSS, reconnaissance scanning, and methods to avoid detection.
Working knowledge of compliance, and regulatory requirements, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Healthcare Information Privacy Protection Act (HIPAA).
Experience with vulnerability scanning tools such as Nessus, Acunetix, Qualys, or Metasploit a plus.
Have scripting experience with Bash, PowerShell, or Python and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts.
Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain.
InfoSec certification are a plus such as CISSP, CompTIA Security+, GIAC Security Essentials, & CEH
Have strong oral and written communication skills Strong interpersonal and leadership skills.
Responsibilities:
Triage security incidents identified by SOC analysts.
Identify enhancement to rule sets and other tool optimization to automate reporting and reduce false positives in unified SIEM and review with manager / senior team members for implementation.
Coordinate with SOC manager to escalate security issues to other business units including solutions development, customer hosting and corporate IT.
Collaborate with business units to prioritize vulnerability remediation and execution of planned activities.
Subscribe to threat intelligence services and monitor vendor alerts for major vulnerability disclosures.
Monitoring of advanced security tools, perform analysis of dissimilar indicators, correlation of multiple sources, alert & coordination of security incidents across the environment.
Review & analyze system logs and third-party management products to preemptively detect, take defined corrective actions and alert process/system owners to new issues.
Assist with creation and maintenance of security incident response procedures.
Participate in research and assist implementation of security tools used by SOC team.
Assist SOC manager with dashboards and business reporting.
Communicating With PatientsBillingHealth Insurance Portability And Accountability Act (HIPAA) ComplianceCall Center ExperienceHealthcare Industry Knowledge
