Full Job Description
Location: Eatontown, NJ
The SOC Analyst (Level 1) will use a variety of tools to investigate incidents and take immediate action, or recommend a course of action, to safeguard Aspire's Managed Services Clients. The SOC Analyst (Level 1) is responsible for monitoring and responding to security-related alerts triggered in the SIEM tool across Aspire Technology Partners' Managed Service Clients. Primary responsibilities include correlating data from various sources; determining whether a critical system or data set has been impacted; providing recommendations on remediation; and supporting new analytic methods for detecting threats.
ESSENTIAL DUTIES AND RESPONSIBILITIES - MAY INCLUDE THE FOLLOWING. OTHER DUTIES MAY BE ASSIGNED.
Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements).
Stay up to date with current security vulnerabilities, attacks, and countermeasures
Monitor security alarm activity from remote communications sites to ensure company compliance
Document all incidents and create a clear narrative that supports the conclusions reached
Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues
Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network
Open, track and close trouble tickets
Answer incoming hotline calls, monitor various e-mail accounts, and act according to SOC procedures and processes
Interface with field personnel to mitigate security incidents
Assist with the preparation of SOC reports
Investigate and provide technical analysis of various security incidents and possible compromise of systems
Provide recommendations for responding to malware incidents
Work as Tier 1 support and escalate all events to a second-tier Incident Responder for review before completing event notation, to ensure the correctness of reviews
Work directly with other SOC Incident Responders and NOC Engineers for issue resolution
Provide direct communication to affected users and companies on security incidents and maintenance activities
Maintain detailed notes within Operational Management systems on all security issue resolution activities
Maintain customer technical information within defined documentation standards
Obtain/maintain technical/professional certifications applicable to position or as directed
Manage and maintain security monitoring and alerting systems
Assess and identify appropriate solutions to be integrated into the systems operation and make recommendations for implementation and troubleshooting
Communicate with customers, peers, team and managers regarding incident and change management
Provide emergency on-call support on a rotating schedule
Perform other duties as assigned
Minimum Education and Experience:
High School Diploma or equivalent
1+ year of technical security related experience
1+ year of experience with event/alert management and incident and change management processes
1+ year of experience with Command and Control (CnC), Indicators of Compromise (IoC), DDoS, e-mail phishing, brute-force attacks, and event log analysis
Preferred Education and Experience:
Bachelor’s Degree preferred
1+ year of experience working in a NOC or SOC
1+ year of Security Incident Response experience
2+ years of networking and/or security experience
2+ years of experience in Security Management and SIEM (e.g., Splunk, OSSIM, AlienVault)
2+ years of experience with Ticket Management Tools (e.g., ConnectWise)
Possession of industry certifications (Security+, SSCP, GCIA, CISSP)
OTHER SKILLS and ABILITIES:
Excellent interpersonal skills (develop and maintain strong working relationships)
Strong work ethic
Detail-oriented, with strong written and verbal communication skills
Ability to prioritize tasks.
Strong organizational skills
Occasional overtime may be required
Basic telephone operation skills
Excellent customer service skills
Familiarity with ITIL Processes
Proficiency in Microsoft Office programs and ability to learn specialized system tools
Ability to multi-task in a fast-paced environment
TRAVEL: Limited to no travel
PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit and talk or hear. The employee frequently is required to stand; walk; and use hands to finger, handle, or feel objects, tools, or controls. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 35 pounds. Specific vision abilities required by this job involve normal vision.
WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The noise level in the work environment is usually quiet to moderate.