Sr. SOC Analyst | Incident Response (Contract to Hire/Remote)

About the Role:

The Senior Security Operations Center Analyst determines and analyzes possible information security threats and vulnerabilities, and then risk prioritizes threats with business stakeholders.  The Analyst develops strategies and solutions that remediate or mitigate the risks associated with these threats, implements the solutions, monitors effectiveness and continuously improves the SOC operations.  Events and incidents are managed, mitigated or remediated and then documented as required. 

The Analyst configures and maintains scanning, monitoring, alerting and reporting security tools. The Analyst works with other team members to evaluate events and manage incidents, execute proper data forensic efforts, remediates exposures, documents and reports on findings.  Evaluates effectiveness of the SOC and seeks continuous program improvement. Integrates the SOC as part of a comprehensive information security program.  Organizes and leads efforts to define or improve security policies, technical controls, processes and standards within Security and other Information Technology Departments.

What You’ll Do:

• Use all available resources such as industry news and trends, threat analysis, historical events, and business plans to identify security threats and vulnerabilities
• Works with business units and with other risk functions to identify technology security requirements, using methods that may include risk and business impact assessments
• Prioritizes business security risks and develops mitigation strategies and plans
• Configures and maintains monitoring and alerting tools including executive and management dashboards and reporting
• Performs event and alert analysis and dispositions
• Manages incident and event resolution, coordinates communication and reporting
• Coordinates and completes security operations documentation
• Works with IT department and members of the information security and compliance teams to identify, select and implement technical controls
• Develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained
• Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments
• Provides second- and third-level support and analysis during and after a security incident
• Participates in security investigations and compliance reviews, as requested by internal or external auditors
• Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies
• Researches and assesses new threats and security alerts, and recommends remedial actions

Qualifications & Interests:

• Advanced information security threat and analysis skills
• Advanced experience with security systems and software including SIEM, IDS/ IPS, encryption, DLP, endpoint protection, web proxies and gateways.
• Advanced experience in evaluating and securing complex application, network, server, workstation and database systems
• Deep understanding of the modern and evolving cyber threat landscape
• Experience with security and emergency data incident response and leadership
• Expert at vulnerability management of Web, Windows, Linux and network systems
• Addressing questions from internal and external audits and customers
• Able to work flexible hours including after hours, weekends and holidays as needed
• Demonstratable Agile IT Project Management experience
• Excellent written and oral communication skills
• Excellent teamwork, team mentoring and participation sills