If you are a Senior SOC Analyst with experience, please read on!
What You Will Be Doing
We are searching for a Senior Security Analyst with extensive experience in network forensic analysis and incident response. The preferred candidate should also be able to identify the root cause of compromised systems using full packet captures of network activity and log data. The candidate must be able to work with a team and coordinate work actions with that team.
What You Need for this Position
Candidates should possess the following skills:
- Solid understanding of core security technologies: firewalls, IDS/IPS, SIEM, AV
- Experience performing forensic analysis of network logs and packets to identify compromise artifacts (3+ years)
- Ability to identify actionable indicators of compromise based upon analysis of network forensic data
- Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
- Ability and desire to mentor junior analysts
Qualifications
Basic Qualifications:
- Minimum three years of experience performing incident response with an emphasis on system compromise analysis
- Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
- Solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products
- Experience analyzing both log and packet data, including the use of Wireshark, tcpdump and other capture/analysis tools
- Ability to perform network based forensics and log analysis
- Strong understanding of incident response methodologies and technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
- Participate in on-call rotation
Additional Qualifications (nice to have)
- Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic
- Experience with network monitoring tools such as RSA Netwitness, NIKSUN, Bluecoat Security Analytics.
- Malware analysis and reverse engineering (3+ years)
- Technical certifications considered an asset: CISSP, GCIH, GCIA, GCFA, GPEN, CEH, CCNA, CCNP
- Candidate must be reliable and able to function as part of a 24x7 operations center.
As of April 2017, Protection 1 merged with ADT to become the leading company in the electronic security industry. As we progress through our integration, you will see collateral, building signs and apparel from both companies, but please know: we are on our way to becoming a completely unified ADT and while that happens, we are better together.