Position- Security Operations Center Analyst

Location – Frisco, TX (3 Days onsite & 2 days remote)

Full time Hire

Tools Knowledge: - Microsoft MDE,MDI, ,Sentinel, MDCA and FireEye,Proof-point

Experience required: - 5 to 8 years

• Ensure that SOC and IR activities within a process are being performed at a high level of quality and that it meets its associated Service Level Agreements or Operational Level Agreements
• Responsible for assigning incidents within a group or division.
• Responsible for communicating with the process manager.
• Determines if an incident needs to be escalated according to priority and severity of the issue.
• Ensure that Incidents assigned to their Support Groups are resolved and that service is restored.
• Monitor the Incidents and manage workload in their respective queues to ensure that Service Level Agreement and Operational Level Agreement are respected.
• Identify Incidents for review.
• Participate in Incident review following major Incidents.
• Identify potential problems and/or increasing trend of repetitive Incidents.
• Create Knowledge with repeatable procedures with a goal of reducing the number of Incidents.
• Escalate all process issues to the Incident Manager
• Good understanding of security operations, network security, threat intelligence, incident response.
• SIEM configurations (Particularly Azure Sentinel), incident and alarm response procedures, engagement with operations teams to manage incidents.
• Experience with writing queries, parsing, and correlating data.
• The ability to perform analysis of the log files from multiple different devices, environments and identify of security threats.
• Review and respond to Security Incidents, track, and collaborate its timely resolution.
• Responsible for managing the queue for tracking, trending, and aging of ticket.
• Collect, review, report external threat metrics and track its remediation.
• Collect and analyze security reports/evidence and draw conclusions based on the tracking & trending.
• Review, update and maintain SOP, playbooks.
• Work across various security support teams to assemble required reports for weekly and monthly security operations client meetings.
• Monitor security incidents tickets to ensure security events are being properly serviced and that associated SLAs are met.
• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organizations data, systems, and networks.
• Resource should have hands-on experience on use case review and participate in use case fine tuning.