Security Analyst

Software Management Consultants, Inc.

Los Angeles, CA
Full Time
Paid
  • Responsibilities

    Job Description

    Seeking a security operations analyst who has a background and experience in network security strategy and solutions to become a member of our Global Cyber Security Operations Centre (CSOC). This candidate will be an integral part of a high-performing team providing triage and response services as part of a follow-the-sun model. He/she will be responsible for partnering with members of IT in multiple global regions for alert analysis, incident containment and remediation.

    A qualified candidate is a seasoned professional with a broad level of experience in multiple areas of IT and a strong emphasis on network security strategy and solutions. This includes awareness of current security risks, threats and targeted attack methods, techniques and tactics. The candidate should have experience with technical investigations using contemporary event correlation and endpoint investigation technology.

    Periodically the analyst will also be expected to liaise with the organization's IT and security leadership in support of security or business project(s) with security implications. At times this may include developing and maintaining vendor relationships. These projects typically target expansion or improvements to CSOC capabilities or new business development. The candidate should also possess strong analytical skills and have an inherent drive for seeking knowledge, sharing knowledge and continuous process improvement.
Responsibilities

  • Research, analyze and present options to evolve our suite of network security controls as well as integrations both upstream and downstream
  • Develop and maintain a network security roadmap
  • Identify and research network security improvement opportunities through interaction with IT operations, vendors and leading practices
  • Work alongside network operations teams to gain alignment for necessary changes
  • Create and edit granular network firewall/security filter rules to reduce our attack surface and potential for breach
  • Take part in projects as a subject matter expert and service owner
  • Provide investigative support to the CSOC
  • Manage and maintain playbooks and runbooks, both manual and automated; make recommendations for improvements
  • Monitor and analyze alerts from various sources in the incident queue
  • Identify false positive alerts and create appropriate exceptions to quiet noisy alerts
  • Identify and analyze systems exhibiting suspicious or malicious behavior
  • Collect and analyze volatile forensic data to confirm or rule out malicious or attacker activity
  • Document Indicators of Compromise (IOCs) in threat intelligence database
  • Perform threat/malware analysis and research
  • Perform containment during incident response
  • Follow up and determine root cause of incidents
  • Produce written reports to management after large scale incidents
  • Provide recommendations post-incident to mitigate failed security controls
  • Contribute to procedural methods and documentation
  • Mentoring and knowledge sharing with local and global CSOC team members

Skills

  • Proficient with DNS, routing protocols, network alerting use cases and Active Directory
  • Hands-on experience with virtualized, cloud and SaaS based firewalls and related network security platforms
  • Experience with network security products and an understanding of the associated protocols, logs and configurations. This includes, but is not limited to, VPN, load balancers, routers, next gen firewalls and IDS and IPS technology.
  • Must be fluent in the English language
  • Excellent oral/written communication skills (in English) are mandatory
  • Experience working with a global company and team
  • Able to pass a thorough background check
  • Bachelor's Degree in Cyber Security, Computer Science or equivalent experience
  • Current security industry certifications preferred (GIAC, ISC2, EC-Council, etc.)
  • Strong analytical and problem-solving skills
  • Strong interpersonal and customer service skills
  • Able to work well on a virtual team without close supervision
  • Solid understanding of the Windows operating system, registry, security configurations, services, processes and WMI
  • Experience with built-in OS shell commands and 3rd party command line tools
  • Familiar with general IT security best practices and controls
  • Familiarity with Linux/Unix systems
  • Familiar with various infrastructure components, and how they interact
  • Strong understanding of security and network event logs
  • Basic understanding of email headers
  • Experience with tools used for IP/host/binary research
  • Solid understanding of malware, static and dynamic analysis and removal (detecting, persistence mechanism, network communication, etc.)
  • Strong scripting or application development skills preferred
  • Experience with host-based forensics is preferred
  • Experience on a SOC

Required Skills: CYBER SECURITY ACTIVE DIRECTORY FIREWALLS NETWORK ALERTS DNS.

Don't hesitate! Submit your resume today.

SMCI is an EEO employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, national origin, disability, age, genetic information, marital status, military, and veteran status. Members of minority groups, Vietnam Era Veterans and individuals with mental or physical disabilities are encouraged to contact us regarding employment opportunities.
In addition, in order to support the provision of business to minority-owned and women-owned businesses (MWBE), such MWBE are encouraged to contact us regarding subcontracting business opportunities with our firm.

(No third parties, please)
(H1 sponsorship currently unavailable)
(Local candidates only, please)