Cybersecurity Operations (CSOC) Engineer
Job Description
The Information Cybersecurity Operations Engineer position will be specific to night watch (4:30 PM to 1:30 AM EDT) as part of Security Risk Advisors' CSOC Team. This is an outstanding opportunity to lead a team and be hands-on with a wide variety of tool sets and various client organizations.
RESPONSIBILITIES:
Work closely with the defenders in the client environment to manage alert monitoring and incident response and provide eyes-on-glass security monitoring for threats.
Respond, investigate, and triage alerts in real-time.
Use the latest security monitoring technologies to detect adversaries.
Use and develop content for Security Information and Event Management (SIEM) tools, Endpoint Detection & Response (EDR) tools, User Behavior Analysis (UBA), Security Orchestration, Automation and Response (SOAR), AV and ticketing systems.
Create, QA, understand, and disseminate incident workflows to defenders.
Develop and lead threat hunts and IOC sweeps.
Assist in leading purple team exercises.
Conduct regular client updates that focus on actionable metrics, purple team results, engineering efforts and project status.
Attend training and conferences to level up skills and knowledge.
Train new defenders on triage, hunting and detection techniques.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This job operates in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. The employee frequently is required to stand; walk; use hands to finger, handle, or feel; and reach with hands and arms. This is a largely sedentary role.
REQUIREMENTS
3-10 years of professional experience.
Strong organization skills with attention to detail.
A demonstrated passion for technology.
Work effectively as part of a team, yet function well with independent responsibilities.
Experience or coursework around incident investigation and forensics, information security and computer networking.
Experience tuning and operating common SIEM and EDR platforms.
Interest in taking the initiative for personal growth and development.
Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
Proficient in PowerShell, Python, and other coding languages commonly used during incident response activities.
Strong written and verbal communication skills with a high level of professionalism.
Bachelor's degree in Cyber Security or equivalent subject matter.
Willingness to travel.
Ability to work non-core hours including weekends and night shifts.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
BENEFITS
WORK WITH EXPERTS: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.
CORPS TRAINING PROGRAM: Our SRA Corps training program is a six-week experience that begins with one week of orientation at our Philadelphia headquarters. Whether new hires are interns, co-ops, or full-time consultants, SRA Corps members meet our founders, learn our values, and experience a day in the life of a cybersecurity consultant. Following orientation, Corps members return to their home office and participate in trainings such as Consulting 101, Enterprise Networks, Cloud Security and more. Our leaders provide hands-on offensive, defensive, and frameworks boot camps.
GIVE BACK: 1-2-3 Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.
401K AND MATCHING: Company 401(k) plan including annual 3% safe harbor contribution.
MENTAL HEALTH SERVICES: SRA has partnered with Talkspace to provide SRA employees with free mental health support. Talkspace connects individuals with licensed therapists for chat, video, and phone sessions.
MEDICAL / DENTAL:
(Subject to change)
Security Risk Advisors is a fast-growing 200+ person company with offices in Philadelphia, Rochester, New York and Kilkenny, Ireland. We deliver state-of-the-art cyber security consulting services to Fortune 1,000 organizations in the Financial Services, Healthcare, Pharmaceutical, Technology, Industrial and Consumer Products industries. Security Risk Advisors maintains a fast-paced and innovative culture that focuses exclusively on engagements that solve the emerging needs of our clients. Our environment fosters the continuous professional development necessary to remain at the top of our game.
To find out more about us, please visit our website at: https://sra.io
Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.
SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.