ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Operations Center (SOC) Analyst to work in a 24x7x365 SOC. This team will provide initial levels of incident identification, analysis, and triage. They will also provide baseline health reporting of the core SOC toolset, including availability of security log and data sources and integration of threat intelligence feeds. Proactive threat hunting will be a regular duty of the team. The team will mitigate incidents directly where possible, escalating incidents as needed to the Incident Response and Management Team. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market. 

Roles and Responsibilities

• Perform Computer Security Incident Response activities for a large global enterprise, coordinate with other enterprise IT teams to record and report incidents
• Work incidents from initial assignment to final resolution
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
• Author SOPs as needed or directed
• Fully document assigned tickets to show all work performed
• Create, track, and work to resolution Normal and Standard job-related Change Requests
• Correlate network activity across networks to identify trends of unauthorized use
• Reviews alerts and data from sensors and documents formal, technical incident reports
• Track, update and close tickets expeditiously
• Researches emerging threats and vulnerabilities to aid in the identification of network incidents
• Analyzes data from threat and vulnerability feeds and analyzes data
• Identifies and resolves false positive findings in assessment results
• Makes real-time decisions about incidents as they occur

Required Skills

• Strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis.
• Prior experience and ability to with analyzing information technology security events to discern true positive incidents from false positive events. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response.
• Demonstrated capability to effectively monitor and investigate security incidents as well as make recommendations to improve the security posture of a large organization
• Strong logical/critical thinking abilities, especially analyzing security events from host and network event sources e.g., windows event logs, AV, EDR, network traffic, IDS events for malicious intent).
• Strong foundation of Network and Security skills, fundamental knowledge of Windows, Linux and Cisco operating systems, networking protocols and network traffic analysis
• Previous hands-on experience with a Security Information and Event Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting is required (preferably within Splunk).
• Experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software
• Demonstrated ability to work with matrixed resources in a team environment
• Excellent written and verbal communication skills

Education Requirement

• BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology-related discipline or 1 years of relevant experience is preferred

Years of Experience Requirement

• 1-5 years desired but not required depending on demonstrated capability to perform required tasks

Certification Requirement

• Security required. Additional desired certifications include: Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH)

Location

• Remote

Security Clearance

• Active Secret clearance required