Job Description

TITLE: SOC Analyst II

DEPARTMENT: Information Technology

REPORTING TO: Manager, Cyber Security

PURPOSE OF THE POSITION:

This position will focus on incident management and deception technologies. It will help ensure our organization is well positioned in terms of enterprise-class security standards and tools. The SOC Analyst II is responsible for detecting and reporting cybersecurity incidents. Team members are accountable for defining threat prevention, detection, and response processes, developing system specifications to maximize threat detection and prevention capabilities, and equipping the organization to optimize its cybersecurity incident response capabilities. The SOC Analyst II (Tier 2) is responsible for gathering intelligence, building and maintaining a threat profile, and maintaining relationships that aid in preventing and detecting threats within the environment. The SOC Analyst II is also responsible for coaching and guiding Tier 1 SOC Analysts and for serving as their escalation point.

Job Responsibilities:

  • Initiate incident management processes in the event of a confirmed security incident or breach.
  • Identify, build, and test incident response (IR) technical playbooks.
  • Work security alerts to identify issues.
  • Assist with deployment of security best practices.
  • Perform threat-hunting activities to identify gaps within the environment.
  • Stay up to date on security-related events and take appropriate measures.
  • Perform monitoring and correlate events of interest across multiple sources, such as system event logs, SIEM, IPS/IDS logs, network traffic, the anti-virus console and client endpoint software, to determine whether an incident has occurred.
  • Respond to security incident and investigation requests in line with established processes and procedures, within defined service level targets.
  • Must have extensive experience in multiple security areas, such as SIEM, IDS/IPS and advanced persistent threat (APT) detection.
  • Drive containment strategy during data loss or breach events.
  • Triage and resolve advanced attacks such as botnet infections and APT activity.
  • Perform in-depth forensic activities, e.g., examining computers, system logs, applications and networks to locate evidence.
  • Perform root cause analysis (RCA) for incidents and update the knowledge base.
  • Tune IDS signatures, proxy policy and in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits affecting downstream systems.
  • Hunt for new and suspicious patterns and activities.
  • Provide intermediate event analysis and incident detection, and escalate to Level 3 Analysts as needed, following documented procedures.
  • Remain current on cyber security trends and intelligence (open source and commercial) in order to guide the security analysis and identification capabilities of the SOC team.
  • Ensure that all identified events are promptly validated and thoroughly investigated.
  • Identify training needs for junior analysts.
  • Oversee documentation owned by the SOC team, including but not limited to Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs).
  • Report progress and escalate in a timely manner to Information Security leadership.
  • Provide oversight and guidance to Level 1 Analysts as they monitor, detect, analyze, remediate, and report on cybersecurity events and incidents.
  • Coordinate with Security Engineering and other enterprise teams to implement new or enhanced detection content.

Qualifications Required:

  • Bachelor's degree in Computer Science or a related field.
  • 4 to 7 years of experience supporting a complex global environment.
  • Professional security certification desirable, e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified SOC Analyst (CSA).
  • Willing to work any of three 9-hour shifts to provide 24-hour support.
  • Understanding of network devices such as routers and switches, and of TCP/IP.
  • Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns.
  • Experience with leading SIEM solutions, including Splunk and ArcSight ESM and Logger.
  • Experience with ticketing systems.
  • Intermediate knowledge of system security architecture and security solutions.

Interpersonal skills

  • Passionate, self-motivated and driven, with keen attention to detail; action- and results-oriented.
  • Excellent interpersonal, verbal and written communication skills, as well as strong logical, analytical, problem-solving and reporting skills.
  • Able to prioritize and execute tasks in a high-pressure environment.
  • Experience in a team-oriented, collaborative environment.
  • Ability to collaborate effectively across multiple diverse teams to deliver security solutions and best practices.

About Berkadia:

Berkadia, a joint venture of Berkshire Hathaway and Jefferies Financial Group, is an industry leading commercial real estate company providing comprehensive capital solutions and investment sales advisory and research services for multifamily and commercial properties. Berkadia is amongst the largest, highest rated and most respected primary, master and special servicers in the industry.

Berkadia is an equal opportunity employer and affords equal opportunity to all applicants and employees for all positions without regard to race, color, religion, gender, national origin, age, disability or any other status protected under the law.

Our people are our greatest strength and make Berkadia a great place to work, creating an environment of trust, mutual respect, innovation and collaboration. Our culture is driven by our core values: https://www.berkadia.com/about/vision-and-values.

To know more about Berkadia, please visit our website https://www.berkadia.com/aboutus/
