SOC Analyst

Sentinel Blue

National
Full Time
Paid
  • Responsibilities

    Sentinel Blue is looking for a SOC Analyst to join our Security Operations Center. This role is for an analyst with some experience in a security analyst role or entry-level for someone with experience in an IT administration role. Our ideal person for this role has a background in IT and is still in their transition to full-time security work, but has exposure to working in a SOC; they should be a natural investigator and get enjoyment out of solving interesting problems. This role is primarily responsible for receiving, handling and escalating security alerts, conducting investigations and initiating remediation of security events. Additionally, this role contributes to cybersecurity projects, primarily improving alerting and SOC processes.

    This is a full-time remote position. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions.

    A day in the SOC Analyst role:

    The SOC Analyst starts the day with a standup call/check-in with the Operations team to review current issues. Then, the Analyst will begin reviewing security alerts, vulnerability reports and security incident information produced by our stack of security tools. The Analyst investigates notable events, takes action on incidents and produces reports for internal and client stakeholders. Then, the Analyst gets to work on their latest project; this might be writing new threat hunting queries for the SIEM & EDR system, or documenting a remediation for an open vulnerability, or writing a how-to article for an internal tool. Throughout the day, the Analyst continues to monitor alerts and responds to anything actionable.

    Responsibilities:

    • Review security alerts, incidents and vulnerabilities, and initiate investigation, containment and mitigation of threats.
    • Improve and execute on core SOC processes, such as incident response.
    • Create alert queries and automated mitigations.
    • Review threat intelligence and create IOCs for security tools.
    • Contribute to internal knowledge bases, client education articles, and public release articles and research papers.
    • Contribute to reports, briefs, and presentations.

    What We Can Offer:

    Sentinel Blue is a young company with a focused mission: we're bringing enterprise-class cybersecurity to small and medium-sized businesses. Frankly, we're pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we're always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a team leadership role. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference.

    You will be required to achieve a Security+ certification in the first 12 months of hire; we'll cover your certification costs and provide paid time for you to study!

    Requirements:

    • U.S. citizenship - by nature of our work with the defense industry, all employees must be eligible for a Secret clearance.

    • General knowledge of security operations, including use of a SIEM/SOAR platform.

    • Basic knowledge of cloud architecture, modern IT infrastructure, security best practices and networking concepts.

    • Basic knowledge of IT systems, including virtualization, Windows 10, endpoint management, and desktop support.

    • Ability to independently investigate and understand security events and recommend proper courses of action.

    • Strong written communication skills.

    • Intermediate understanding of security fundamentals (least privilege, RBAC, audit logging, endpoint security, change management).

    Desired Qualifications:

    • Experience in a multi-client environment - experience in managed security services is highly desired.
    • Experience with Microsoft Sentinel is highly desired.
    • Experience with MITRE ATT&CK.
    • Experience with red-team/purple-team activity.
    • Experience with automation using PowerShell, Python, etc.
    • Knowledge and passion for cloud-first architecture, including experience building and deploying systems in Azure.
    • Exposure to compliance requirements for the U.S. Defense Industrial Base (e.g., CMMC, DFARS, NIST SP 800-171) or other industry compliance frameworks (ISO 27001, CIS Controls).
    • Professional certifications such as CEH, CCSP, CISSP, CISM, CySA+ or related certifications.

    Benefits:

    • Fully paid individual healthcare, vision and dental insurance for the employee.
    • Paid certification and training opportunities.
    • Three weeks of paid vacation + 10 paid holidays.
    • A supportive environment with a focus on keeping healthy work-life balance.
    • Retirement benefit (401k) with company match.