About the job SOC/Security Analyst
Position Title: Security Analyst I
Client: US Based MSP Company
Job Timing: We have two shifts (12-9am EST and 4am-1pm EST)- US Time Zone
Job Type: Full-time
Work Mode: Onsite/Remote/Hybrid
Salary Range: PKR 150,000-300,000 based on current salary and experience
The Security Analyst I role is a critical position within the organization. The primary function of the role will be to provide monitoring of deployed customer environments for security events. This includes establishing the extent of a threat, the business impact, and advising the most suitable course of action to contain and remedy the event. A Cybersecurity Technician will serve as an escalation point to the subject matter expert for in-depth cybersecurity events and must be able to communicate effectively to all stakeholders during the event management process.
Our People:
Our team members are collaborative, positive, and dedicated to mutual success. Transparency isn't just a buzzword here; it's a commitment to open communication, ensuring every voice is heard and valued. Guided by our core values Passionately Curious, Own It, Go Beyond, and Serve as One were here to create something extraordinary together.
Our Core Focus:
Our team members play a pivotal role in our focus: Serving those who serve with technologies for today and tomorrow that make life safe and simple. With nearly 30 years of specialized expertise, our team goes beyond conventional boundaries, delivering tailored managed services and cybersecurity solutions to our clients.
Your Growth:
We are a growth-minded organization that prioritizes development, offering numerous opportunities for career advancement. Rooted in our core value of being Passionately Curious, VC3 offers a dynamic learning environment, emphasizing hands-on experiences and formal development programs that celebrate continuous learning to propel your career forward.
Key Responsibilities
- Manage the security event monitoring and incident response ticket queues and triage as appropriate to meet the established service level agreements
- Promptly transfer cybersecurity tickets to the client or internal point of contact
- Clearly convey indicators of compromise, isolation, and remediation steps
- Analyze and interpret system, security, and application logs in order to diagnose faults, spot abnormal behavior, and rule out false positives
- Effectively utilize End Detection and Response tools to investigate alerts, anomalies, and build accurate timelines related to possible compromise
- Follow established procedures to investigate, escalate, contain, or eradicate malicious activity
- Develop and deliver written and oral reports to clients, teammates, and management to aggregate and communicate security information and metrics
- Provide input and recommendations to improve internal processes and procedures related to SOC duties and responsibilities
- Participate in threat-hunting activities and other special projects as required
- Understand and follow The VC3 Way, our set of standards and processes that produce a predictable result for the client. You must be aware of and maintain our standards.
Additional Responsibilities
- Maintain accurate and real-time timesheets, record complete and accurate notes of troubleshooting and communication with clients
- Receive mentoring and feedback from peers and others
- Where appropriate, escalate complicated issues to a more senior resource or other appropriate teams
- Review Tickets with Manager
- Actively Participate in Team Huddles, L10 Meetings, One on One Meetings, and any other Team Meetings
- Create and update documentation when changes occur, or when discoveries are made
- Attend monthly training & team meetings as required
- Additional duties as required
Skills, Knowledge, and Expertise
- Two years work experience in the Information Security or related fields
- Two or more current security-related industry certifications
- Experience with SIEM platforms, firewall management, and endpoint detection and response platforms
- One year or more of experience with EDR solutions, ESGs, vulnerability management, and content filtering
- Good problem-solving and decision-making skills; ability to understand and analyze complex issues
- Self-motivated, detail-oriented, highly organized, and able to handle a variety of tasks and responsibilities in an efficient manner with a high level of quality
- One of the following certifications preferred: CompTIA Security+, CompTIA CySA+, CCNA, C|EH, SSCP, or equivalent