SOC Analyst I

Remote (anywhere within the U.S.) - MUST be able to work Eastern Standard Time

*The position is open to U.S. citizens or Greencard holders and requires a favorably adjudicated GSA Fitness Review for Public Trust Positions**

Job Description Summary:

SOC Analyst will be part of MetTel SOC team responsible for reducing the impact of security incidents and ensures that critical business operations continue unhindered. SOC Analyst will be analyzing security and log data, performing security incident response, conducting in-depth analysis of network and endpoint data, and incorporating threat intelligence to enhance detection and mitigation strategies.

Competencies:

• SIEM experience with ArcSight and Splunk
• Experience using ticketing systems such ServiceNow.
• Network , SPLUNK Training highly valued.
• Alert development based on log analysis.

Duties / Responsibilities:

• Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network and host-based intrusion detection systems, firewall logs, user reported incidents, and system logs (Windows and Linux), and databases.
• Use various Security Incident and Event Management (SIEM) tools, SOAR platform and other related security management/console applications, such as network traffic and data analytics.
• Responsible for data collection, review and analysis of internal and external threats and attacks, including but not limited to alert response, Root Cause Analysis, and some forensic level tasking.
• Analyze both raw and processed security alerts, event data and logs to identify potential security incidents, threats, mitigations, and vulnerabilities.
• Direct experience with SIEM, EDR, Anti-Virus, Firewall, Network protocols, Windows security events, Phishing mitigation, Wireshark
• Perform triage of incoming issues (assess the priority, determine risk)
• Initiate incident notification, case tracking/management, recovery actions, and report status updates.
• Participate in the remediation of incidents and responses that are generated from live threats against the enterprise.
• Support follow-on actions, such as coordinating with other organization teams to facilitate remediation of the alert/event/incident, and close out the investigation.
• Regularly communicate with engineering teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual.
• Maintain a strong awareness of the current threat landscape.
• Provide Incident Response (IR) support when analysis confirms actionable incident.
• Provide threat and vulnerability analysis as well as security advisory services.
• Perform and Manage vulnerability scanning using Tenable and Nessus. Produce scan reports for analysis.
• Knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs.

Education and Experience Required

• Bachelor's degree in a Computer Sciences. (Computer Security/Information Security degree preferred), in lieu of a degree, additional experience will be considered.
• 1 years' experience working within a Security Operations Center.
• Knowledge of and experience with intrusion detection/prevention systems and SIEM software
• Experience analyzing network and host-based security events.
• Knowledge of various security methodologies and processes, and technical security solutions
• Knowledge of incident response life cycle and steps
• Knowledge of TCP/IP protocols, network analysis, and network/security applications
• Knowledge of common Internet protocols and applications
• Excellent written and oral communication skills.
• Initiative-taking and able to work in an independent manner.

Preferred Education and Experience

Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions

Why MetTel

MetTel is a leading global solution provider of communications technology for business, backed by the nation's leading carriers. Recognized for our flexible and customer-driven approach, MetTel services countless universal brands, Fortune 500 organizations and the U.S. government, developing and implementing their tech strategies while revamping all operations with our proprietary cloud-platform. With over 20 years of legacy experience, MetTel is now generating industry-buzz around our pioneering role in the advanced technology and mobile space thanks to industry-first Cross-Carrier pooling solutions, unparalleled coverage, and a front-line portfolio.

Subject to applicable law, all prospective hires will be required to demonstrate that they have been fully vaccinated for COVID-19 or intend to be vaccinated for COVID-19 by December 8, 2021 or qualify for a medical or religious accommodation to this vaccination requirement. Hired candidates who are not vaccinated by December 8, 2021, and who have not been approved for a legally required medical or religious accommodation will be subject to disciplinary action up to and including termination of employment, subject to applicable law.

• The salary range reflected is a good faith estimate of base pay for the primary location of the position. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $80K - $85K annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, experience and abilities of the successful candidate. Your recruiter can share more about the specific salary range for the job location during the hiring process.