SOC Engineer

5 days ago


Nelson, United States | Synovus | Full time

Job Description

Job Summary: We need a Security Engineer to work on our Cyberfusion Center team. We are looking for someone with SIEM experience gained working in a SOC (Security Operations Center). Here are some additional details:

Incident Response: Respond efficiently to various security incidents and assist teams with detection, analysis and containment of the incident. Perform analysis of security, network, and system logs while correlating events and activities to decide what actions may be necessary for various security events in the environment.

SIEM/EDR: The ability to use SIEM/EDR technology to respond to various threat events, investigate threats, and build detection rules and use cases that will assist teams with alerting on relevant threats or abnormal activity.

Threat Hunt: Be able to develop a hypothesis about what threats may be active in or targeting the environment, while utilizing technology to proactively search the environment for any suspicious activity.

Threat Intel: Monitor threats and keep up to date with the threat landscape to help prioritize our alerting, hunts, and responses. Understand the MITRE ATT&CK framework and the various tactics and techniques used by adversaries. The ability to use threat intel to create actionable items to improve our security posture.

Problem solving: The ability to identify problems, analyze information, and develop solutions and/or make recommendations quickly and efficiently. Continuously tune our security solutions to reduce false positive/negative alerts.

Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion.

Performs other related duties as required.

The information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Synovus is an Equal Opportunity Employer supporting diversity in the workplace.

Minimum Requirements

Minimum Education: Bachelor's Degree in Information Technology, Business Administration, or related field, or an equivalent combination of education and experience.

Minimum Experience: Six years of information security experience, including a background in multiple information security technologies (e.g. intrusion detection, penetration testing, identity and access management).

Certification(s): Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE), and/or Certified Network Engineer (CNE) are preferred.

Required Knowledge, Skills, Abilities:
- Knowledge of various information security concepts and technologies such as identity management, network security, risk assessment, application security, platform security, and security monitoring
- Basic knowledge of industry-standard information security practices and processes
- Good oral and written communication skills with the ability to communicate to technical and non-technical audiences
- Strong analytical and problem-solving skills
- Strong team-oriented interpersonal and communication skills
- Ability to solve problems independently, quickly, and completely and to communicate them clearly to management
- Ability to adapt to rapidly changing technology and apply it to business needs
- Ability to assist with network and application troubleshooting; provide technical consulting support