Lead SOC Analyst

Offer by RED SKY Consulting

About this job

Job type: Full-time
Role: System Administrator
Technologies

security, python
Job description

Title: Lead SOC Analyst

Type: Full time Position

Location: Austin, TX

Compensation: to 120K, benefits, 401k, ability to work remote 2 days a week


Description:

This is a Lead SOC Analyst role on a team that includes Tier 1 and Tier 2 SOC analysts as well as staff responsible for red teaming, intelligence analysis, and technical threat research. The role will be primarily engaged in hunting and research activities when not leading response efforts to complex attacks.

The position is located in Chicago or Austin with a flexible schedule, including the ability to work from home 1-2 days per week. This is a growing team, and this position will have a significant role in shaping it. While not a management position, the other Tier 1 and Tier 2 SOC analysts will follow your operational lead.

Responsibilities:

  • Assist with response and investigation efforts.
  • Assist in the design, evaluation, and implementation of new security technologies.
  • Mentor and share expertise with junior staff.
  • Execute incident response processes to respond to security threats and attacks.
  • Create detection and mitigation rules based on indicators of compromise that align with industry threats.
  • Update incident response playbooks to minimize gaps in response processes.

Experience and Expertise:

  • Experience identifying, investigating, and responding to complex attacks.
  • Minimum of 5 years' experience in security and 3 years in incident response.
  • Experience with investigative technologies such as SIEM, packet capture analysis, and host forensics analysis tools.
  • Understanding of the threat landscape in terms of the tools, tactics, and techniques used in attacks.
  • Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Macintosh.
  • Some degree of Python competency to build and maintain scripts used to detect, investigate, and remediate threats is a plus.
