SOC Security Analyst - Level 1

Join a highly skilled and motivated team of Cyber Security Professionals tasked with protecting Coretek and its customers. The Cyber Security Analyst level 1 is an entry level role that is primarily focused on responding to alerts, setting up cases for escalation, and triage. Analysts will leverage Microsoft Sentinel as well as, cyber case management and supplementary tools to investigate, contain, and remediate cyber security incidents. The Cyber Security Analyst must have a drive to learn and grow as the industry changes and Coretek adapts rapidly.

Coretek understands that a candidate may not possess all the skills required of a Security Analyst for the unique service provider space and will educate and grow the right candidate. At Coretek the desire to learn and work with in a team is a requirement of the position. Skills in other disciplines are always welcome and shows a candidate’s ability to adapt. Those with formal education are welcomed as well as those that are self-taught. Structured training as well as on the job experience is a required part of the job to bring security professionals up to speed for the complex requirements and fast paced environment of a service provider. Security Analysts must have a drive to learn and grow as the industry changes and Coretek adapts.

ESSENTIAL FUNCTIONS:

• Respond to alerts and validate findings
• Escalate security incidents incident response teams for investigation / remediation
• Support Incident Response investigations for Coretek and Coretek customers
• Learn to perform analysis of logs and alerts
• Coordinate with appropriate teams to provide incident handling and response support
• Learn to use and improve incident response procedures & runbooks
• Handle security incident escalation via Cyber Case Management tools, SIEM, ITSM, email, phone, or walk-up

Requirements

MINIMUM QUALIFICATIONS:

• Knowledge of incident response, investigation, system forensics, or related cyber security education / self-learning
• Familiarity with Windows and Linux operating systems including command line operation
• Possess a foundation in networking fundamentals and TCP/IP
• Knowledge of common network-based services and common client/server applications
• Excellent verbal/written communication, interpersonal and organizational skills
• Communicate effectively with varied levels of staff to develop positive working relationships
• Excellent problem-solving skills to diagnose technical issues
• Manage customer situations professionally to aid in positive customer satisfaction
• Ability to learn new technology and concepts quickly
• Ability to work on a shift or on-call rotation if needed
• Formal education or certifications in incident response, forensics, cyber security case management, IT technology, networking, or related topics
• Experience working on a security operations team
• Experience reviewing and analyzing log data from various network and security devices
• Experience with well-known information security related tools for packet capture, network/OS fingerprinting, and communication
• Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge
• Experience with enterprise SIEM products
• Experience with ITSM, SOAR, or Cyber Case Management Tools
• Scripting with Python, Perl, Bash and/or PowerShell a plus
• Database structures and queries, Regular Expressions a plus
• Experience acquiring and analyzing data from clients and servers related to security incident response
• Digital Forensic or Threat Intelligence work

PREFERRED QUALIFICATIONS:

• Formal education or certifications in incident response, forensics, cyber security case management, IT technology, networking, or related topics
• Experience working on a security operations team
• Experience reviewing and analyzing log data from various network and security devices
• Experience with well-known information security related tools for packet capture, network/OS fingerprinting, and communication
• Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge
• Experience with enterprise SIEM products
• Experience with ITSM, SOAR, or Cyber Case Management Tools
• Scripting with Python, Perl, Bash and/or PowerShell a plus
• Database structures and queries, Regular Expressions a plus
• Experience acquiring and analyzing data from clients and servers related to security incident response
• Digital Forensic or Threat Intelligence work

EDUCATION and TRAINING:

• Degree in technology, cyber security, criminal justice/forensics, or equivalent work experience
• Security related certifications desired