Cyber SOC Specialist

Cyber Defense Labs, LLC

Dallas, TX
Full Time
Paid
  • Responsibilities

    Cyber Defense Labs is a full life-cycle information security service provider helping companies manage, detect and respond to today’s cyber risks. We provide trusted cyber risk management services to help companies reduce business risk before, during and after a cyber event.

    Cyber SOC Specialist-Security Systems

    Job Summary:

    As a Cyber Defense Labs Cyber Security Specialist, your role on the team will include leveraging your knowledge of industry best practices, good judgment and problem-solving skills to execute security operations. Being on the front lines of defense, the Cyber Security Specialist is adept at making good decisions under pressure and able to quickly adapt to any security challenge. This individual also pays attention to detail and is disciplined in documenting processes and procedures. The Cyber Security Specialist will also be responsible for all requests coming into the department, making sure departmental SLAs are met. The Cyber Security Specialist must make full use of all security tools within the CDL portfolio to detect, isolate, and neutralize advanced threats across the CDL customer base.

    Primary Duties & Responsibilities:

    You will be working on all phases of the detection, investigation and resolution of cyber security events flagged by the various detection systems in use at CDL.

    You will also work closely with other members of the Cyber SOC team to run investigations into the root cause of security events, escalating to the Technical Security, vulnerability and problem-management teams where necessary.

    You will work with various internal and external Cyber SOC-related stakeholders to make sure that our customers' security posture is always being strengthened as we work to continually improve security configurations, practices and processes.

    You will be responsible for becoming a subject matter expert on the network and security posture of the customers you are assigned to.

    You will be responsible for pro-actively looking for security trends and making recommendations within a customer’s environment.

    You will be responsible for tuning alerts and rules.

    Document security processes and procedures.

    Support the service request intake process and communicate back to requestors promptly.

    Ancillary activities that you would be involved in may include providing security-related assistance to internal staff members, running and interpreting the results of vulnerability scans for the Technical Security/CSIRT team, and applying commonly used information security standards with respect to the systems being used in the Cyber SOC / CSIRT (e.g. ISO 27001, SOC2 and GPG 13).

    Other duties and responsibilities as assigned.

    This position will sit in the 24/7 Cyber Defense Center and will involve shift work including day, evening and weekend roles.

    Minimum Qualifications:

    Passion and enthusiasm for Cyber Security.

    3 to 5 years' experience working in a high-performance SOC team in a cyber-security focused organization.

    Experience with an enterprise-grade SIEM platform (e.g. LogRhythm, AlienVault, ArcSight, QRadar, McAfee).

    Working knowledge of network access control, intrusion prevention and detection systems, firewalls, routers, incident response, information security methods, and risk management.

    Experience in high volume environments that handle millions/billions of records per day.

    Experience in Security Event analysis & triage, incident handling and root-cause identification.

    Specialty in one or more of the following Information Security domains:

    Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Machine Learning & Artificial Intelligence, Malware Analysis, Computer Forensics, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Security Education & Awareness, Vulnerability Scanning & Management, and Compliance & Risk Management.

    Well versed in TCP/IP and other network protocols.

    Ability to review and understand packet captures and netflow.

    Experience with Red/Blue team exercises.

    Excellent team-working skills and a "can do, let's get it done" attitude are crucial.

    A desire to keep learning, extending your skills and pushing the boundaries of your knowledge.

    Excellent verbal and written communication skills.

    Preferred Qualifications:

    Elasticsearch, Logstash and Kibana (ELK) experience. Bro and Fluentd experience.

    Ability to write and understand scripts in languages such as Python, Ruby, Bash, etc.

    Ability to write and understand complex regular expressions (PCRE).

    Event detection tools (e.g. FireEye, Palo Alto, Fortinet, Carbon Black, Cylance).

    Experience with 'big-data' platforms such as Hadoop, HDFS, Apache Spark, etc.

    IDS/IPS (e.g. TippingPoint, Sourcefire, Snort, Suricata).

    Security related certifications, for example CISSP, GCIH, CEH, OSCP, Security+.

    An undergraduate or higher degree in computing with a strong security component.

    Education and/or Experience:

    College degree in Cyber Security or Information Technology, or equivalent work experience.

    Certifications such as Security+, CEH, GCIH.