SOC Analyst

3 months ago

Foxborough, United States Thrive Networks Inc Full time
Job DescriptionJob Description

About Us 

Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services.  Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers.  Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER.  If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training and experience necessary to build a lucrative career, then welcome to THRIVE 

Position Overview 

With a growing client base, Thrive is continuing to build out its security team.  We are looking to hire a SOC Analyst to take a role within our Security Operation Center and assist with the continuously monitoring and improving our customers' security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents, utilizing technology and well-defined processes and procedures. The ideal candidate will have a passion for information security and will value what a properly managed Security monitoring solution can bring to our client needs.  

Primary Responsibilities 

  • Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases. 

  • Respond to detected threats from various EDR platforms. 

  • Assist with ongoing management of various security platforms. 

  • Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform analysis of exploits. 

  • Proactive monitoring and response of known and/or emerging threats. 

  • Carry out Thrive’s information security strategy both internally and externally for 400+ clients around the world.   

  • Analyze data from our SOC and SIEM tools and determine if further analysis is needed. 

  • Work within Thrive’s security standards and best practices and recommend future enhancements.  

  • Stay abreast of security events and techniques to keep our clients protected. 

  • Build awareness through training and education. 

  • This is primarily a remote position, but occasional office visits may be required. 

  • We are looking for people who can work 8AM-5PM ET M-F. 

Qualifications 

  • Has knowledge of the following systems and technologies:  

  • SIEM (Security Information and Event Management)  

  • TCP/IP, computer networking, routing, and switching  

  • IDS/IPS, penetration and vulnerability testing  

  • Firewall and intrusion detection/prevention protocols  

  • Windows, UNIX, and Linux operating systems  

  • Network protocols and packet analysis tools  

  • EDR, anti-virus, and anti-malware  

  • Content filtering   

  • Email and web gateway 

  • DNS Filtering and Security  

  • Understanding of cybersecurity threats, and experience with incident response standards and procedures. 

  • Demonstrates comprehension of good security practices. 

  • Professional experience in a system administration role supporting multiple platforms and applications. 

  • Ability to communicate network security issues to peers and management. 

  • Prior experience working for an MSP/MSSP. 

  • Prior experience working in a Security Operations Center (SOC) as a Security Analyst or related position. 

Required Skills 

  • Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders. 

  • Computer Networking & Security 

  • Vulnerability Discovery and Analysis 

  • Operating System Internals 

  • Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.). 

  • Excellent Written and Verbal Communication Skills 

Preferred Skills 

  • Knowledge of common Windows and Linux/Unix system calls and APIs 

  • Understand Anti-Virus 

  • Knowledge of programming languages. 

  • Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.) 

  • Security+ Certification (and/or similar CompTIA Cyber Security Certs) 

  • SC-200 Microsoft Certification 

  • INE Cyber Security Certifications 

  • NSE Certifications 

  • BA/BS in Cyber Security or related field, or equivalent experience 

Powered by JazzHR

SY4CwDwgoW