SOC Analyst
2 weeks ago
Threat Intelligence Center • Orem, Utah
We are currently developing several new technologies, products, and services that require a high-energy Security Operations Center (SOC) Analyst to join our growing team of threat hunters. We are looking for someone who wakes up hungry to find bad guys. The ideal candidate wants the opportunity to break into the world of cybersecurity in their first entry-level SOC role. We want a threat hunter who wants to be mentored, coached, and developed into the best SOC Analyst they can become. Our SOC Analysts find cyber bad guys, investigate alerts, and provide our small to medium businesses with advice and guidance to triage these cyber threats before they shut down their business. SecurityMetrics, Inc. SOC Analysts use a variety of industry-standard tools, with all training, coaching, and mentoring provided. In addition, this role will provide the Analyst with new skill opportunities, including using our latest digital eSkimmer technologies that help clients identify Magecart threats, digital skimmers, and tools that prevent online shopping cart (eCommerce) attacks. Job candidates who can write threat hunting scripts or detection rules will be given priority for interviews.
Responsibilities Summary
- Ability to correctly assess, evaluate, triage, and respond to clients by providing proper context with attribution for security events, alerts, threats, vulnerabilities and incidents.
- Ability to update rules and indicators of compromise (IOCs) to pinpoint affected systems and the extent of the threat.
- Ability to analyze running processes and configs on affected systems.
- Ability to use a variety of threat intelligence enrichment sources for threat hunting.
- Ability to carry out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted.
- Ability to create or recommend a strategy for clients to contain and recover from threats.
- Ability to carry out vulnerability assessments and penetration tests to assess the resilience of clients.
- Ability to assist clients in isolating areas of weakness that need focus or attention to improve their security posture.
- Ability to work with a sense of urgency to quickly identify and clearly communicate clients' security incidents, gaps, risks, or vulnerabilities.
- Skilled at technical writing to develop clients' monthly security reports and update SOC playbooks.
- Ability to provide technical guidance to SecurityMetrics to help improve our tools, products, and services, reduce false positives, and find more enriching sources of threat intelligence.
- Job candidates who can write threat hunting scripts or detection rules will be given priority for interviews.
- Understanding of network security principles, frameworks & best practices.
- Experience securing VLANs, subnets, TCP/UDP ports, and VPNs, configuring firewalls, and a fundamental understanding of network segmentation best practices.
- Experience using open source SIEM tools to monitor east/west traffic and endpoint traffic.
- Experience finding threats inside shopping carts (such as Magecart and formjacking threats) is a bonus.
- Ability to threat hunt using a variety of logs (proxy, firewall, Windows event logs, IoT logs, endpoint logs, application logs, perimeter device logs).
- Experience with vulnerability scanning tools, and ability to interpret results. Nessus is preferred.
- Ability to perform queries, nested queries, and conditional searching, apply Boolean logic, and use the correct syntax or wildcards when threat hunting.
- Understanding and experience using a variety of enrichment sources to assist you while threat hunting.
- Experience with the Linux command line is preferred.
- Strong problem-solving & technical troubleshooting skills involving all of the above technologies.
- The ideal candidate will have attained at least one professional certification such as Security+ (preferred), Network+, any GIAC certification, or any equivalent certification.
- Candidates with experience and a technical degree from an accredited university will also be considered.
- Candidates with capture the flag (CTF) experience but no certifications or degrees are also encouraged to apply.
- Candidates who want to grow their TV, social media followers, blog, news media, and online profile exposure are also encouraged to apply.
- This is an entry level SOC Analyst position.
- This is a great opportunity to get your feet in the door into the world of cybersecurity.
- This is an hourly position with 40 hours per week.
- The work will be flexible enough to ensure a healthy work-life balance.
- This position requires someone flexible enough to respond to threats as they come into the Threat Intelligence Center.
- This position has the opportunity for growth, development, mentoring, coaching, paid training, continued CPEs, and paid certifications.
- All members of the SOC Threat Intelligence Team will have opportunities to use our latest patent pending cybersecurity products and services.
- Compensation: Salary range is based on local industry rates and qualifications.
- Interviews will begin in January 2025.
- No AI (or AI hiring tools) will be used in the interview or qualification process; humans will review all resumes.
- This is an on-site position based in Utah at the address listed below.
- Office location: 1275 West 1600 North, Orem, UT 84057.
Security Operations Center Threat Hunter
4 days ago
Orem, Utah, United States • SecurityMetrics • Full time
Job Overview: We are seeking a highly skilled Security Operations Center (SOC) Analyst to join our growing team of threat hunters at SecurityMetrics, Inc. This is an exciting opportunity for someone who wants to break into the world of cybersecurity in their first entry-level SOC role and be mentored, coached, and developed into becoming the best SOC Analyst...
Security Operations Center Analyst Role
2 weeks ago
Orem, Utah, United States • SecurityMetrics • Full time
Join Our Team: We are seeking a highly skilled SOC Analyst to join our team at SecurityMetrics. As a key member of our Threat Intelligence Center, you will play a vital role in protecting our clients' systems and data from cyber threats. Our ideal candidate is a motivated and detail-oriented individual with a passion for cybersecurity.
About the Position: In...