SOC Analyst

*Hybrid position. No H1B or C2C*

*W2 contract only*

Advanced knowledge of SIEM technologies preferably Microsoft Sentinel

*Information Security Analyst - SOC/SIEM Threat Management *

Under minimal direction, the SOC (Security Operations Center) / Security information and event management (SIEM) Analyst collaborates to develop innovative and effective procedures for the SOC to enhance coordination and incident response operations. Additionally, the SOC / SIEM Analyst will lead configuration and deployment of our SIEM tool, monitor network traffic for security events, and perform triage analysis to identify security incidents. The SOC / SIEM Analyst will respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with SOC requirements. Additionally, the SOC / SIEM Analyst candidate must demonstrate intuitive problem solving and exemplary teamwork skills, work closely with other teams to assess risk, and provide recommendations for improving our security posture.

*Projects & Requirements:*
* Writes procedures for processing and retention of log data
* Support configuration and integration of data feeds into the enterprise Security Information and Event Management (SIEM) solution.
* Monitor network traffic for security events and perform triage analysis to identify security incidents.
* Conducts analysis and digital forensics to identify, monitor, review, assess and counter the threat posed by cyber criminals and bad actors.
* Communicates with IT teams and management to warn of possible risks to data and systems, promote plans to mitigate those risks, write cybersecurity alerts and advisories.
* Utilizes threat intelligence to mitigate potential data threats, protect data, and impede criminals from accessing regulatory and proprietary data.
* Prior experience in leading Security Operations Center (SOC) and SIEM technologies
* Advanced knowledge of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.
* Advanced knowledge of SIEM technologies preferably Microsoft Sentinel
* Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools.
* Strong understanding of incident response methodologies and technologies
* Forensic and Malware analysis experience

*Role & Responsibilities:*
* Analyzes system data to determine broad issues/trends and to determine root cause of problems and report on status of information security.
* Responsible for investigating incidents, analyzing attack methods, researching new defense techniques and tools, developing security policy, and documenting procedures for the SOC / SIEM.
* Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS. sensors, Antivirus servers, Vulnerability scanners.
* May also participate in the evaluation and implementation of other new security solutions.
* Develops documentation as necessary to support the overall delivery of SOC / SIEM and threat management objectives. This includes but is not limited to project plans, communications, executive presentations, job aids, training materials, technical reference documentation metrics/measures packages, and Request for Proposal/Offers (RFP/RFO’s).
* Develop log and data retention requirements for the SIEM.
* Be part of the RFP committee, coordinate responses to vendor’s questions, and perform vendor onboarding and project coordination activities.
* Demonstrate intuitive problem solving and exemplary teamwork skills, work closely with other teams to assess risk, and provide recommendations for improving our security posture.
* Must be able to weigh business needs against security concerns and articulate issues to management and stakeholders.
* May assist in establishing Security Orchestration and Automated Response (SOAR) technologies.
* Other duties as assigned.

*REQUIREMENTS*

*Education:*
* High School diploma, or G.E.D. equivalency from an accredited educational institution.

*Experience:*
* Four (3) years of work experience in a relevant role, i.e Senior SOC Analyst, Incident Response, Threat Analyst.

*Knowledge, Skill & Abilities (KSA’s)*

· Prior experience in leading Security Operations Center (SOC) and SIEM technologies

· Advanced knowledge of the TCP/IP protocol suite, security architecture, and remote access security techniques/products.

· Advanced knowledge of SIEM technologies preferably Microsoft Sentinel

· Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools.

· Strong understanding of incident response methodologies and technologies

· Forensic and Malware analysis experience

*Preferred Certifications:*
* Comptia Security+, Network+, CySA+ or equivalent certification.
* GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security) or equivalent Certifications.

*Preferences:*

· Bachelor's degree in Information Systems, Information Security, Information Technology, Computer Science, or similar area of study from an accredited college or university.

· Hands-on experience with SIEM capability and tools like MS Sentinel

· Cyber Threat and Intelligence gathering and analysis.

· Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cybersecurity), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)

· Experience with Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls), Host Security Products (HIPS), Anti-Virus, vulnerability scanners, etc.

· Ability to confront challenges in a constructive fashion and influence others through consensus building

· Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel.

· A passion for cybersecurity, self-starter mentality, flexibility and willingness to take on new challenges and ability to thrive in a team environment.

*Automatic Disqualification:*

· Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor

· Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years

· Open arrest for any criminal offense (Felony or Misdemeanor)

· Family Violence conviction

*Location: Downtown Houston - 406 Caroline St., Houston TX 77002*

Job Types: Contract, Full-time

Pay: From $80.00 per hour

Experience level:
* 10 years
* 8 years
Schedule:
* Monday to Friday

Experience:
* SOC and SIEM: 6 years (Required)
* Microsoft Sentinel: 2 years (Required)
* Cybersecurity Analyst: 7 years (Required)

Work Location: In person

---